From 329684b59b8d55dd403c2c59f76d37210ba2f517 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Fri, 25 May 2018 23:29:36 +0000 Subject: Fri May 25 23:29:36 UTC 2018 patches/packages/glibc-zoneinfo-2018e-noarch-2_slack13.1.txz: Rebuilt. Handle removal of US/Pacific-New timezone. If we see that the machine is using this, it will be automatically switched to US/Pacific. --- patches/source/MPlayer/MPlayer.SlackBuild | 488 ++ patches/source/MPlayer/slack-desc | 20 + patches/source/acl/acl.SlackBuild | 120 + patches/source/acl/acl.destdir.diff | 36 + patches/source/acl/slack-desc | 19 + patches/source/apr-util/apr-util.SlackBuild | 124 + patches/source/apr-util/slack-desc | 19 + patches/source/apr/apr.SlackBuild | 110 + patches/source/apr/slack-desc | 19 + patches/source/bash/bash-4.1-patches/bash41-001 | 48 + patches/source/bash/bash-4.1-patches/bash41-002 | 65 + patches/source/bash/bash-4.1-patches/bash41-003 | 48 + patches/source/bash/bash-4.1-patches/bash41-004 | 47 + patches/source/bash/bash-4.1-patches/bash41-005 | 56 + patches/source/bash/bash-4.1-patches/bash41-006 | 76 + patches/source/bash/bash-4.1-patches/bash41-007 | 47 + patches/source/bash/bash-4.1-patches/bash41-008 | 49 + patches/source/bash/bash-4.1-patches/bash41-009 | 48 + patches/source/bash/bash-4.1-patches/bash41-010 | 68 + patches/source/bash/bash-4.1-patches/bash41-011 | 86 + patches/source/bash/bash-4.1-patches/bash41-012 | 104 + patches/source/bash/bash-4.1-patches/bash41-013 | 43 + patches/source/bash/bash-4.1-patches/bash41-014 | 217 + patches/source/bash/bash-4.1-patches/bash41-015 | 173 + patches/source/bash/bash-4.1-patches/bash41-016 | 59 + patches/source/bash/bash-4.1-patches/bash41-017 | 132 + patches/source/bash/bash.CVE-2016-0634.bash43-047 | 150 + patches/source/bash/bash.CVE-2016-7543.bash43-048 | 54 + patches/source/bash/bash.SlackBuild | 155 + patches/source/bash/doinst.sh | 18 + patches/source/bash/slack-desc | 19 + patches/source/bind/3link.sh | 136 + patches/source/bind/bind.SlackBuild | 165 + patches/source/bind/bind.so_bsdcompat.diff | 11 + patches/source/bind/caching-example/localhost.zone | 11 + patches/source/bind/caching-example/named.conf | 31 + patches/source/bind/caching-example/named.local | 10 + patches/source/bind/caching-example/named.root | 90 + patches/source/bind/doinst.sh | 36 + patches/source/bind/rc.bind | 112 + patches/source/bind/slack-desc | 19 + patches/source/bluez/bluez.CVE-2017-1000251.diff | 27 + patches/source/bluez/bluez.SlackBuild | 199 + patches/source/bluez/config/bluetooth.modprobe | 3 + patches/source/bluez/config/bluetooth.sh | 7 + patches/source/bluez/config/rc.bluetooth | 30 + patches/source/bluez/doinst.sh | 29 + patches/source/bluez/passkey-agent.c | 418 ++ .../source/bluez/patches/bluez-dbus-config.patch | 25 + .../bluez/patches/bluez-run_udev_helper.patch | 12 + .../bluez/patches/bluez-unbreak_dell_mouse.patch | 14 + patches/source/bluez/slack-desc | 19 + patches/source/bzip2/bzip2.SlackBuild | 121 + patches/source/bzip2/bzip2.saneso.diff | 20 + patches/source/bzip2/slack-desc | 19 + patches/source/coreutils/DIR_COLORS | 235 + patches/source/coreutils/coreutils-dircolors.csh | 48 + patches/source/coreutils/coreutils-dircolors.sh | 54 + patches/source/coreutils/coreutils.SlackBuild | 195 + patches/source/coreutils/coreutils.uname.diff | 152 + patches/source/coreutils/doinst.sh | 13 + patches/source/coreutils/slack-desc | 19 + patches/source/cups/cups.SlackBuild | 206 + patches/source/cups/cups.fix_broken_locking.diff | 256 + patches/source/cups/doinst.sh | 34 + patches/source/cups/slack-desc | 19 + patches/source/cups/str4609-1.4.patch | 332 + .../cups/usb-backend-both-usblp-and-libusb.dpatch | 574 ++ patches/source/curl/cacert-fetch.sh | 1 + patches/source/curl/cacert.pem | 3955 +++++++++++ patches/source/curl/curl.SlackBuild | 152 + patches/source/curl/slack-desc | 19 + patches/source/dhcp/dhclient-script.PATH.diff | 13 + patches/source/dhcp/dhcp-remove-bind-tarball.sh | 49 + patches/source/dhcp/dhcp.SlackBuild | 179 + patches/source/dhcp/doinst.sh | 21 + patches/source/dhcp/slack-desc | 19 + patches/source/dhcpcd/50-ntp.conf.diff | 29 + patches/source/dhcpcd/COPYRIGHT | 26 + patches/source/dhcpcd/dhcpcd.SlackBuild | 119 + .../dhcpcd/dhcpcd.dho_optionsoverloaded.dos.patch | 11 + patches/source/dhcpcd/doinst.sh | 15 + patches/source/dhcpcd/slack-desc | 19 + patches/source/dnsmasq/dnsmasq.SlackBuild | 107 + patches/source/dnsmasq/dnsmasq.leasedir.diff | 24 + patches/source/dnsmasq/doinst.sh | 26 + patches/source/dnsmasq/rc.dnsmasq | 36 + patches/source/dnsmasq/slack-desc | 19 + patches/source/emacs/doinst.sh | 10 + patches/source/emacs/emacs.SlackBuild | 190 + patches/source/emacs/slack-desc | 12 + patches/source/expat/expat.SlackBuild | 101 + patches/source/expat/slack-desc | 19 + patches/source/fetchmail/fetchmail.SlackBuild | 107 + patches/source/fetchmail/slack-desc | 19 + patches/source/fixesproto/arch.use.flags | 9 + patches/source/fixesproto/build/fixesproto | 1 + patches/source/fixesproto/configure/configure | 13 + patches/source/fixesproto/fixesproto.SlackBuild | 2 + patches/source/fixesproto/modularize | 279 + patches/source/fixesproto/noarch | 75 + patches/source/fixesproto/package-blacklist | 44 + patches/source/fixesproto/slack-desc/fixesproto | 19 + patches/source/fixesproto/x11.SlackBuild | 381 + .../source/freetype/freetype.CVE-2017-8287.diff | 31 + patches/source/freetype/freetype.SlackBuild | 123 + .../source/freetype/freetype.illadvisederror.diff | 31 + .../freetype/freetype.subpixel.rendering.diff | 11 + patches/source/freetype/slack-desc | 19 + patches/source/ghostscript/cidfmap | 118 + .../source/ghostscript/ghostscript-pdf2dsc.patch | 12 + patches/source/ghostscript/ghostscript.SlackBuild | 190 + .../ghostscript/ghostscript.fix_black_page.diff | 99 + patches/source/ghostscript/slack-desc | 19 + patches/source/git/git-2.14.1.tar.sign | Bin 0 -> 543 bytes patches/source/git/git.SlackBuild | 170 + patches/source/git/git.url | 1 + patches/source/git/slack-desc | 19 + patches/source/glibc-zoneinfo/doinst.sh | 57 + .../glibc-zoneinfo/glibc-zoneinfo.SlackBuild | 147 + patches/source/glibc-zoneinfo/slack-desc | 19 + .../timezone-scripts/output-updated-timeconfig.sh | 60 + .../glibc-zoneinfo/timezone-scripts/parts/00 | 132 + .../glibc-zoneinfo/timezone-scripts/parts/01 | 585 ++ .../glibc-zoneinfo/timezone-scripts/parts/02 | 28 + .../glibc-zoneinfo/timezone-scripts/parts/03 | 585 ++ .../glibc-zoneinfo/timezone-scripts/parts/04 | 33 + .../glibc-zoneinfo/timezone-scripts/parts/README | 2 + .../timezone-scripts/setup.timeconfig | 3 + .../glibc-zoneinfo/timezone-scripts/timeconfig | 1363 ++++ patches/source/glibc/doinst.sh-glibc | 192 + patches/source/glibc/doinst.sh-glibc-solibs | 131 + patches/source/glibc/doinst.sh-glibc-zoneinfo | 23 + .../glibc/glibc-2.10-dns-no-gethostbyname4.diff | 26 + .../glibc/glibc-2.11.1.strtod.CVE-2012-3480.diff | 328 + patches/source/glibc/glibc-cvs-checkout.sh | 3 + patches/source/glibc/glibc.CVE-2009-5029.diff | 85 + patches/source/glibc/glibc.CVE-2010-3847.diff | 70 + patches/source/glibc/glibc.CVE-2010-3856.diff | 188 + patches/source/glibc/glibc.CVE-2013-4332.diff | 64 + .../glibc/glibc.CVE-2015-0235.glibc2111.diff | 208 + patches/source/glibc/glibc.SlackBuild | 489 ++ patches/source/glibc/glibc.getcwd.max.macro.diff | 10 + patches/source/glibc/glibc.locale.no-archive.diff | 10 + patches/source/glibc/glibc.nis-netgroups.diff | 12 + .../glibc/glibc.revert.to.fix.build.breakages.diff | 13 + patches/source/glibc/glibc.ru_RU.CP1251.diff | 10 + patches/source/glibc/is_IS.diff | 19 + patches/source/glibc/profile.d/glibc.csh.new | 9 + patches/source/glibc/profile.d/glibc.sh.new | 8 + patches/source/glibc/slack-desc.glibc | 19 + patches/source/glibc/slack-desc.glibc-debug | 19 + patches/source/glibc/slack-desc.glibc-i18n | 19 + patches/source/glibc/slack-desc.glibc-profile | 19 + patches/source/glibc/slack-desc.glibc-solibs | 19 + .../glibc/slack-desc.glibc-solibs-linuxthreads | 18 + patches/source/glibc/slack-desc.glibc-zoneinfo | 19 + .../timezone-scripts/output-updated-timeconfig.sh | 53 + patches/source/glibc/timezone-scripts/parts/00 | 131 + patches/source/glibc/timezone-scripts/parts/01 | 1658 +++++ patches/source/glibc/timezone-scripts/parts/02 | 28 + patches/source/glibc/timezone-scripts/parts/03 | 1658 +++++ patches/source/glibc/timezone-scripts/parts/04 | 32 + patches/source/glibc/timezone-scripts/parts/README | 2 + .../source/glibc/timezone-scripts/setup.timeconfig | 3 + patches/source/glibc/timezone-scripts/timeconfig | 3695 ++++++++++ patches/source/gnupg/gnupg.SlackBuild | 114 + patches/source/gnupg/slack-desc.gnupg | 19 + .../source/gnupg2/gnupg-2.0.14-encode-s2k.patch | 65 + patches/source/gnupg2/gnupg2.CVE-2010-2547.diff | 10 + patches/source/gnupg2/gnupg2.SlackBuild | 154 + patches/source/gnupg2/slack-desc | 19 + .../source/gnutls/gnutls-2.8.6_CVE-2009-3555.diff | 7376 ++++++++++++++++++++ .../source/gnutls/gnutls-2.8.6_CVE-2011-4128.diff | 36 + .../source/gnutls/gnutls-2.8.6_CVE-2012-1569.diff | 62 + .../source/gnutls/gnutls-2.8.6_CVE-2012-1573.diff | 39 + .../gnutls-2.8.6_CVE-2013-1619_CVE-2013-2116.diff | 381 + .../source/gnutls/gnutls-2.8.6_CVE-2014-0092.diff | 108 + .../source/gnutls/gnutls-2.8.6_CVE-2014-3466.diff | 312 + .../source/gnutls/gnutls-2.8.6_CVE-2014-3467.diff | 45 + .../source/gnutls/gnutls-2.8.6_CVE-2014-3468.diff | 45 + .../source/gnutls/gnutls-2.8.6_CVE-2014-3469.diff | 122 + patches/source/gnutls/gnutls-2.8.6_ipv6.diff | 51 + .../gnutls/gnutls-2.8.6_libgcrypt150-fix.diff | 162 + patches/source/gnutls/gnutls.SlackBuild | 145 + patches/source/gnutls/slack-desc | 19 + patches/source/hplip/doinst.sh | 4 + patches/source/hplip/hplip.CVE-2010-4267.diff | 12 + patches/source/hplip/hplip.CVE-2013-4325.diff | 38 + patches/source/hplip/hplip.SlackBuild | 125 + patches/source/hplip/slack-desc | 19 + patches/source/httpd/README | 34 + .../apache-2.2.CVE-2017-9798.optionsbleed.patch | 21 + patches/source/httpd/config.layout.diff | 30 + patches/source/httpd/doinst.sh | 71 + patches/source/httpd/httpd.SlackBuild | 227 + .../httpd.brigade_move.__noinline__.gcc451.diff | 10 + patches/source/httpd/httpd.nossldefault.diff | 11 + patches/source/httpd/httpd.runasapache.diff | 13 + patches/source/httpd/httpd.url | 2 + patches/source/httpd/logrotate.httpd | 12 + patches/source/httpd/rc.httpd | 35 + patches/source/httpd/slack-desc | 19 + patches/source/imlib/imlib.SlackBuild | 106 + patches/source/imlib/imlib.mitshm.render.diff | 92 + patches/source/imlib/slack-desc | 19 + patches/source/inputproto/arch.use.flags | 9 + patches/source/inputproto/build/inputproto | 1 + patches/source/inputproto/configure/configure | 13 + patches/source/inputproto/inputproto.SlackBuild | 2 + patches/source/inputproto/modularize | 279 + patches/source/inputproto/noarch | 75 + patches/source/inputproto/package-blacklist | 44 + patches/source/inputproto/slack-desc/inputproto | 19 + patches/source/inputproto/x11.SlackBuild | 381 + patches/source/irssi/doinst.sh | 12 + patches/source/irssi/irssi.SlackBuild | 146 + .../source/irssi/patch-src_irc_dcc_dcc-get_c.diff | 23 + .../irssi/patch-src_irc_dcc_dcc-resume_c.diff | 12 + patches/source/irssi/slack-desc | 19 + patches/source/jasper/jasper.SlackBuild | 137 + .../patches/jasper-1.900.1-CVE-2008-3520.patch | 928 +++ .../patches/jasper-1.900.1-CVE-2008-3522.patch | 14 + ...VE-2011-4516-CVE-2011-4517-CERT-VU-887409.patch | 23 + .../jasper-1.900.1-Coverity-BAD_SIZEOF.patch | 17 + .../jasper-1.900.1-Coverity-CHECKED_RETURN.patch | 141 + .../jasper-1.900.1-Coverity-FORWARD_NULL.patch | 44 + .../jasper-1.900.1-Coverity-NULL_RETURNS.patch | 61 + .../jasper-1.900.1-Coverity-RESOURCE_LEAK.patch | 202 + .../jasper-1.900.1-Coverity-UNREACHABLE.patch | 37 + .../jasper-1.900.1-Coverity-UNUSED_VALUE.patch | 41 + .../jasper/patches/jasper-CVE-2014-8137.patch | 57 + .../jasper/patches/jasper-CVE-2014-8138.patch | 14 + .../jasper/patches/jasper-CVE-2014-8157.patch | 12 + .../jasper/patches/jasper-CVE-2014-8158.patch | 329 + .../jasper/patches/jasper-CVE-2014-9029.patch | 29 + patches/source/jasper/patches/jpc_dec.c.patch | 18 + .../patch-libjasper-stepsizes-overflow.diff | 14 + patches/source/jasper/slack-desc | 19 + patches/source/k3b/KDE.options | 51 + patches/source/k3b/KDE_extra.SlackBuild | 54 + patches/source/k3b/k3b/doinst.sh | 5 + patches/source/k3b/k3b/k3b.SlackBuild | 94 + patches/source/k3b/k3b/local.options | 2 + patches/source/k3b/k3b/slack-desc | 19 + .../kdegraphics-4.4.x.okular.CVE-2010-2575.diff | 30 + patches/source/kdegraphics/kdegraphics.SlackBuild | 95 + patches/source/kdegraphics/local.options | 1 + patches/source/kdelibs/KDE.options | 51 + patches/source/kdelibs/doinst.sh | 9 + .../kdelibs/kdelibs.4.4.x.CVE-2011-1168.diff | 14 + patches/source/kdelibs/kdelibs.SlackBuild | 98 + .../kdelibs/kdesu-allow_NOPASS_in_suauth.patch | 61 + patches/source/kdelibs/local.options | 1 + patches/source/kdelibs/slack-desc | 19 + patches/source/libX11/arch.use.flags | 9 + patches/source/libX11/build/libX11 | 1 + patches/source/libX11/configure/libX11 | 12 + patches/source/libX11/libX11.SlackBuild | 2 + patches/source/libX11/modularize | 279 + patches/source/libX11/noarch | 75 + patches/source/libX11/package-blacklist | 44 + .../source/libX11/post-install/libX11.post-install | 2 + patches/source/libX11/slack-desc/libX11 | 19 + patches/source/libX11/x11.SlackBuild | 381 + patches/source/libXcursor/arch.use.flags | 7 + patches/source/libXcursor/build/increment.sh | 17 + patches/source/libXcursor/build/libXcursor | 1 + patches/source/libXcursor/configure/configure | 12 + patches/source/libXcursor/libXcursor.SlackBuild | 26 + patches/source/libXcursor/modularize | 272 + patches/source/libXcursor/noarch | 76 + patches/source/libXcursor/package-blacklist | 43 + patches/source/libXcursor/slack-desc/libXcursor | 19 + patches/source/libXcursor/x11-build-script.sh | 374 + patches/source/libXext/arch.use.flags | 9 + patches/source/libXext/build/libXext | 1 + patches/source/libXext/configure/configure | 13 + patches/source/libXext/libXext.SlackBuild | 2 + patches/source/libXext/modularize | 279 + patches/source/libXext/noarch | 75 + patches/source/libXext/package-blacklist | 44 + patches/source/libXext/slack-desc/libXext | 19 + patches/source/libXext/x11.SlackBuild | 381 + patches/source/libXfixes/arch.use.flags | 9 + patches/source/libXfixes/build/libXfixes | 1 + patches/source/libXfixes/configure/configure | 13 + patches/source/libXfixes/libXfixes.SlackBuild | 2 + patches/source/libXfixes/modularize | 279 + patches/source/libXfixes/noarch | 75 + patches/source/libXfixes/package-blacklist | 44 + patches/source/libXfixes/slack-desc/libXfixes | 19 + patches/source/libXfixes/x11.SlackBuild | 381 + patches/source/libXfont/arch.use.flags | 7 + patches/source/libXfont/build/increment.sh | 17 + patches/source/libXfont/build/libXfont | 1 + patches/source/libXfont/configure/configure | 12 + patches/source/libXfont/libXfont.SlackBuild | 26 + patches/source/libXfont/modularize | 272 + patches/source/libXfont/noarch | 76 + patches/source/libXfont/package-blacklist | 43 + patches/source/libXfont/patch/libXfont.patch | 1 + .../patch/libXfont/libXfont.CVE-2017-16611.diff | 85 + patches/source/libXfont/slack-desc/libXfont | 19 + patches/source/libXfont/x11-build-script.sh | 374 + patches/source/libXi/arch.use.flags | 9 + patches/source/libXi/build/libXi | 1 + patches/source/libXi/configure/configure | 13 + patches/source/libXi/libXi.SlackBuild | 2 + patches/source/libXi/modularize | 279 + patches/source/libXi/noarch | 75 + patches/source/libXi/package-blacklist | 44 + patches/source/libXi/slack-desc/libXi | 19 + patches/source/libXi/slack-desc/libXinerama | 19 + patches/source/libXi/x11.SlackBuild | 381 + patches/source/libXrandr/arch.use.flags | 9 + patches/source/libXrandr/build/libXrandr | 1 + patches/source/libXrandr/configure/configure | 13 + patches/source/libXrandr/libXrandr.SlackBuild | 2 + patches/source/libXrandr/modularize | 279 + patches/source/libXrandr/noarch | 75 + patches/source/libXrandr/package-blacklist | 44 + patches/source/libXrandr/slack-desc/libXrandr | 19 + patches/source/libXrandr/x11.SlackBuild | 381 + patches/source/libXrender/arch.use.flags | 9 + patches/source/libXrender/build/libXrender | 1 + patches/source/libXrender/configure/configure | 13 + patches/source/libXrender/libXrender.SlackBuild | 2 + patches/source/libXrender/modularize | 279 + patches/source/libXrender/noarch | 75 + patches/source/libXrender/package-blacklist | 44 + patches/source/libXrender/slack-desc/libXrender | 19 + patches/source/libXrender/x11.SlackBuild | 381 + patches/source/libXtst/arch.use.flags | 9 + patches/source/libXtst/build/libXtst | 1 + patches/source/libXtst/configure/configure | 13 + patches/source/libXtst/libXtst.SlackBuild | 2 + patches/source/libXtst/modularize | 279 + patches/source/libXtst/noarch | 75 + patches/source/libXtst/package-blacklist | 44 + patches/source/libXtst/slack-desc/libXtst | 19 + patches/source/libXtst/x11.SlackBuild | 381 + patches/source/libXv/arch.use.flags | 9 + patches/source/libXv/build/libXv | 1 + patches/source/libXv/configure/configure | 13 + patches/source/libXv/libXv.SlackBuild | 2 + patches/source/libXv/modularize | 279 + patches/source/libXv/noarch | 75 + patches/source/libXv/package-blacklist | 44 + patches/source/libXv/slack-desc/libXv | 19 + patches/source/libXv/slack-desc/libXvMC | 19 + patches/source/libXv/x11.SlackBuild | 381 + patches/source/libXvMC/arch.use.flags | 9 + patches/source/libXvMC/build/libXvMC | 1 + patches/source/libXvMC/configure/configure | 13 + patches/source/libXvMC/libXvMC.SlackBuild | 2 + patches/source/libXvMC/modularize | 279 + patches/source/libXvMC/noarch | 75 + patches/source/libXvMC/package-blacklist | 44 + patches/source/libXvMC/slack-desc/libXvMC | 19 + patches/source/libXvMC/x11.SlackBuild | 381 + patches/source/libexif/libexif.SlackBuild | 107 + patches/source/libexif/libexif.pc.diff | 8 + patches/source/libexif/slack-desc | 19 + patches/source/libgcrypt/libgcrypt.SlackBuild | 124 + patches/source/libgcrypt/slack-desc | 19 + .../source/libgpg-error/libgpg-error.SlackBuild | 118 + patches/source/libgpg-error/slack-desc | 19 + patches/source/libidn/libidn.SlackBuild | 137 + patches/source/libidn/slack-desc | 19 + patches/source/libiodbc/libiodbc.SlackBuild | 126 + .../source/libiodbc/libiodbc.disable.rpath.diff | 11 + patches/source/libiodbc/slack-desc | 19 + patches/source/libjpeg/jpeg.CVE-2013-6629.diff | 32 + patches/source/libjpeg/libjpeg.SlackBuild | 112 + patches/source/libjpeg/slack-desc | 19 + patches/source/libpng/libpng.SlackBuild | 134 + patches/source/libpng/slack-desc | 19 + patches/source/libtiff/libtiff.SlackBuild | 122 + patches/source/libtiff/slack-desc | 19 + ..._CVE-2012-4564_CVE-2013-1960_CVE-2013-1961.diff | 3813 ++++++++++ .../source/libtiff/tiff-3.9.7_CVE-2013-4231.diff | 23 + .../source/libtiff/tiff-3.9.7_CVE-2013-4232.diff | 24 + .../source/libtiff/tiff-3.9.7_CVE-2013-4244.diff | 24 + .../libwmf/libwmf-0.2.8.4-CVE-2004-0941.patch | 17 + .../libwmf/libwmf-0.2.8.4-CVE-2006-3376.patch | 27 + .../libwmf/libwmf-0.2.8.4-CVE-2007-0455.patch | 11 + .../libwmf/libwmf-0.2.8.4-CVE-2007-2756.patch | 16 + .../libwmf/libwmf-0.2.8.4-CVE-2007-3472.patch | 61 + .../libwmf/libwmf-0.2.8.4-CVE-2007-3473.patch | 13 + .../libwmf/libwmf-0.2.8.4-CVE-2007-3477.patch | 38 + .../libwmf/libwmf-0.2.8.4-CVE-2009-3546.patch | 13 + ...ibwmf-0.2.8.4-CVE-2015-0848+CVE-2015-4588.patch | 118 + .../libwmf/libwmf-0.2.8.4-CVE-2015-4695.patch | 56 + .../libwmf/libwmf-0.2.8.4-CVE-2015-4696.patch | 23 + .../libwmf/libwmf-0.2.8.4-CVE-2016-10167.patch | 30 + .../libwmf/libwmf-0.2.8.4-CVE-2016-10168.patch | 14 + .../libwmf/libwmf-0.2.8.4-CVE-2016-9011.patch | 36 + .../libwmf/libwmf-0.2.8.4-CVE-2016-9317.patch | 21 + .../libwmf/libwmf-0.2.8.4-CVE-2017-6362.patch | 32 + .../libwmf/libwmf-0.2.8.4-fallbackfont.patch | 18 + .../libwmf/libwmf-0.2.8.4-pixbufloaderdir.patch | 14 + .../libwmf/libwmf-0.2.8.4-reducesymbols.patch | 520 ++ .../libwmf/libwmf-0.2.8.4-useafterfree.patch | 10 + patches/source/libwmf/libwmf.SlackBuild | 142 + patches/source/libwmf/libwmf.png14.diff | 11 + patches/source/libwmf/slack-desc | 19 + patches/source/libxcb/arch.use.flags | 9 + patches/source/libxcb/build/libxcb | 1 + patches/source/libxcb/configure/libxcb | 14 + patches/source/libxcb/libxcb.SlackBuild | 2 + patches/source/libxcb/modularize | 279 + patches/source/libxcb/noarch | 75 + patches/source/libxcb/package-blacklist | 44 + .../source/libxcb/post-install/libxcb.post-install | 66 + patches/source/libxcb/slack-desc/libxcb | 19 + patches/source/libxcb/x11.SlackBuild | 381 + patches/source/libxml2/libxml.CVE-2011-3102.diff | 39 + patches/source/libxml2/libxml2.CVE-2012-5134.diff | 21 + patches/source/libxml2/libxml2.SlackBuild | 108 + patches/source/libxml2/slack-desc | 19 + patches/source/libyaml/libyaml.SlackBuild | 114 + patches/source/libyaml/libyaml.url | 1 + patches/source/libyaml/slack-desc | 19 + .../linux-2.6.33.4/kernel.CVE-2010-3081.diff | 169 + .../linux-2.6.33.4/kernel.CVE-2010-3301.a.diff | 97 + .../linux-2.6.33.4/kernel.CVE-2010-3301.b.diff | 49 + .../linux-2.6.33.4/kernel.compat.2.6.33.x.diff | 10 + patches/source/lm_sensors/lm_sensors.SlackBuild | 125 + patches/source/lm_sensors/lm_sensors.makefile.diff | 15 + patches/source/lm_sensors/slack-desc | 19 + patches/source/lynx/doinst.sh | 13 + patches/source/lynx/lynx.SlackBuild | 155 + patches/source/lynx/lynx.cfg.diff | 31 + patches/source/lynx/slack-desc | 19 + patches/source/mailx/doinst.sh | 14 + .../source/mailx/heirloom-mailx-12.5-fixes-1.patch | 232 + patches/source/mailx/mailx.SlackBuild | 142 + patches/source/mailx/slack-desc | 19 + patches/source/mercurial/doinst.sh | 13 + patches/source/mercurial/mercurial.SlackBuild | 109 + patches/source/mercurial/slack-desc | 22 + patches/source/minicom/config.sub-x86_64.diff | 20 + patches/source/minicom/doinst.sh | 15 + patches/source/minicom/lrzsz_0.12.21-5.diff | 4194 +++++++++++ patches/source/minicom/minicom.SlackBuild | 160 + patches/source/minicom/minicom.users | 36 + patches/source/minicom/slack-desc | 19 + .../mozilla-firefox/firefox.moz_plugin_path.diff | 17 + patches/source/mozilla-firefox/firefox.png | Bin 0 -> 24263 bytes patches/source/mozilla-firefox/mimeTypes.rdf | 28 + .../mozilla-firefox-mimeTypes-fix.diff | 45 + .../mozilla-firefox/mozilla-firefox.SlackBuild | 190 + .../source/mozilla-firefox/mozilla-firefox.desktop | 80 + patches/source/mozilla-firefox/slack-desc | 19 + patches/source/mozilla-thunderbird/mimeTypes.rdf | 113 + .../mozilla-thunderbird.SlackBuild | 181 + .../mozilla-thunderbird.desktop | 84 + patches/source/mozilla-thunderbird/slack-desc | 19 + patches/source/mozilla-thunderbird/thunderbird.png | Bin 0 -> 47617 bytes patches/source/mysql/doinst.sh | 22 + patches/source/mysql/mirror-url | 1 + patches/source/mysql/mysql-embedded.build | 64 + patches/source/mysql/mysql.CVE-2014-0001.diff | 11 + patches/source/mysql/mysql.SlackBuild | 223 + patches/source/mysql/mysql.openssl0.diff | 13 + patches/source/mysql/rc.mysqld | 86 + patches/source/mysql/slack-desc | 19 + patches/source/ntp/doinst.sh | 28 + patches/source/ntp/ntp.SlackBuild | 158 + patches/source/ntp/ntp.conf | 72 + patches/source/ntp/ntp.keys | 2 + patches/source/ntp/ntp.nano.diff | 17 + patches/source/ntp/rc.ntpd | 71 + patches/source/ntp/slack-desc | 19 + patches/source/openssh/doinst.sh | 49 + patches/source/openssh/openssh-7.4p1-libwrap.diff | 137 + .../source/openssh/openssh.CVE-2017-15906.patch | 19 + patches/source/openssh/openssh.SlackBuild | 169 + patches/source/openssh/rc.sshd | 59 + patches/source/openssh/slack-desc | 19 + patches/source/openssl/certwatch | 130 + patches/source/openssl/doinst.sh-openssl | 15 + patches/source/openssl/doinst.sh-openssl-solibs | 12 + patches/source/openssl/openssl.SlackBuild | 199 + .../openssl/openssl.no.weak.sslv2.ciphers.diff | 51 + .../openssl/openssl.no.weak.sslv3.ciphers.diff | 356 + patches/source/openssl/openssl.optsx86.diff | 11 + patches/source/openssl/openssl.soname.diff | 11 + patches/source/openssl/slack-desc.openssl | 19 + patches/source/openssl/slack-desc.openssl-solibs | 19 + patches/source/openvpn/README | 26 + patches/source/openvpn/doinst.sh | 25 + patches/source/openvpn/openvpn.SlackBuild | 169 + patches/source/openvpn/openvpn.url | 2 + patches/source/openvpn/rc.openvpn | 111 + patches/source/openvpn/slack-desc | 19 + patches/source/openvpn/slackware.conf | 178 + ...001-Refuse-to-apply-ed-scripts-by-default.patch | 79 + patches/source/patch/patch.SlackBuild | 119 + patches/source/patch/slack-desc | 19 + patches/source/perl/10_hash.t | 38 + patches/source/perl/hash.t | 46 + patches/source/perl/hv.c | 61 + patches/source/perl/perl.SlackBuild | 296 + patches/source/perl/perl.configure.multilib.patch | 35 + patches/source/perl/slack-desc | 19 + patches/source/php/doinst.sh | 8 + patches/source/php/fetch-php.sh | 1 + patches/source/php/mod_php.conf.example | 29 + patches/source/php/php.SlackBuild | 301 + patches/source/php/php.ini-development.diff | 47 + patches/source/php/php.session.save_path.diff | 22 + patches/source/php/slack-desc | 19 + patches/source/pidgin/pidgin.SlackBuild | 224 + .../source/pidgin/purple-allow-sign-rsa-md5.patch | 12 + patches/source/pidgin/slack-desc | 19 + ...rocess-Clarify-that-the-real-uid-is-retur.patch | 122 + ...UnixProcess-also-record-the-uid-of-the-pr.patch | 666 ++ ...unix_process_get_uid-to-get-the-owner-of-.patch | 41 + ...void-TOCTTOU-problems-with-parent-process.patch | 97 + patches/source/polkit/polkit-1-shadow.diff | 1030 +++ patches/source/polkit/polkit.SlackBuild | 149 + patches/source/polkit/slack-desc | 19 + .../poppler/poppler-0.12.4-CVE-2010-3702.patch | 18 + .../poppler/poppler-0.12.4-CVE-2010-3703.patch | 10 + .../poppler/poppler-0.12.4-CVE-2010-3704.patch | 20 + patches/source/poppler/poppler.SlackBuild | 127 + patches/source/poppler/slack-desc | 19 + patches/source/ppp/doinst.sh | 21 + patches/source/ppp/options.new | 276 + patches/source/ppp/ppp.CVE-2014-3158.diff | 30 + patches/source/ppp/ppp.CVE-2015-3310.diff | 11 + patches/source/ppp/ppp.SlackBuild | 172 + patches/source/ppp/ppp.slack.diff | 28 + patches/source/ppp/pppsetup-1.98.backupfiles.diff | 26 + patches/source/ppp/pppsetup-1.98.moredevs.diff | 105 + patches/source/ppp/pppsetup-1.98.pppoff.diff | 19 + patches/source/ppp/pppsetup-1.98.slack.diff | 1709 +++++ patches/source/ppp/radius.msdict | 81 + patches/source/ppp/realms | 22 + patches/source/ppp/servers | 4 + patches/source/ppp/slack-desc | 19 + patches/source/proftpd/doinst.sh | 18 + patches/source/proftpd/etc/ftpusers | 22 + patches/source/proftpd/etc/proftpd.conf | 74 + patches/source/proftpd/proftpd.SlackBuild | 134 + patches/source/proftpd/slack-desc | 19 + patches/source/randrproto/arch.use.flags | 9 + patches/source/randrproto/build/randrproto | 1 + patches/source/randrproto/configure/configure | 13 + patches/source/randrproto/modularize | 279 + patches/source/randrproto/noarch | 75 + patches/source/randrproto/package-blacklist | 44 + patches/source/randrproto/randrproto.SlackBuild | 2 + patches/source/randrproto/slack-desc/randrproto | 19 + patches/source/randrproto/x11.SlackBuild | 381 + .../source/rdesktop/rdesktop.CVE-2011-1595.diff | 22 + patches/source/rdesktop/rdesktop.SlackBuild | 117 + patches/source/rdesktop/slack-desc | 19 + patches/source/recordproto/arch.use.flags | 9 + patches/source/recordproto/build/recordproto | 1 + patches/source/recordproto/configure/configure | 13 + patches/source/recordproto/modularize | 279 + patches/source/recordproto/noarch | 75 + patches/source/recordproto/package-blacklist | 44 + patches/source/recordproto/recordproto.SlackBuild | 2 + patches/source/recordproto/slack-desc/recordproto | 19 + patches/source/recordproto/x11.SlackBuild | 381 + patches/source/rsync/rsync.SlackBuild | 110 + patches/source/rsync/slack-desc | 19 + patches/source/ruby/ruby.SlackBuild | 130 + patches/source/ruby/slack-desc | 19 + .../source/rxvt/rxvt-integer-overflow-fix.patch | 11 + patches/source/rxvt/rxvt.SlackBuild | 127 + patches/source/rxvt/rxvt.utempter.diff | 277 + patches/source/rxvt/slack-desc | 19 + patches/source/samba/doinst.sh | 16 + patches/source/samba/prune-samba.sh | 33 + patches/source/samba/rc.samba | 45 + .../samba-4.6.3-4.5.9-4.4.13-CVE-2017-7494.patch | 34 + patches/source/samba/samba.SlackBuild | 233 + patches/source/samba/slack-desc | 19 + patches/source/samba/smb.conf.default | 271 + patches/source/samba/smb.conf.default.orig | 271 + patches/source/samba/smb.conf.diff | 29 + patches/source/samba/talloc.pc | 11 + .../source/sdl/sdl-1.2.14-fix-mouse-clicking.patch | 23 + patches/source/sdl/sdl.SlackBuild | 253 + .../source/sdl/sdl.linux-2.6.31.input_absinfo.diff | 38 + patches/source/sdl/slack-desc | 19 + patches/source/seamonkey/doinst.sh | 11 + .../seamonkey/pkgconfig/seamonkey-gtkmozembed.pc | 11 + patches/source/seamonkey/pkgconfig/seamonkey-js.pc | 11 + .../source/seamonkey/pkgconfig/seamonkey-nspr.pc | 12 + .../source/seamonkey/pkgconfig/seamonkey-nss.pc | 11 + .../source/seamonkey/pkgconfig/seamonkey-plugin.pc | 10 + .../source/seamonkey/pkgconfig/seamonkey-xpcom.pc | 12 + patches/source/seamonkey/seamonkey-icon.png | Bin 0 -> 12796 bytes patches/source/seamonkey/seamonkey-mail-icon.png | Bin 0 -> 185 bytes patches/source/seamonkey/seamonkey-mail.desktop | 8 + patches/source/seamonkey/seamonkey.SlackBuild | 234 + patches/source/seamonkey/seamonkey.desktop | 8 + patches/source/seamonkey/slack-desc | 19 + patches/source/sendmail/Build | 29 + patches/source/sendmail/SlackBuild-sendmail | 168 + patches/source/sendmail/SlackBuild-sendmail-cf | 57 + patches/source/sendmail/linux.uucp.mc | 8 + .../source/sendmail/sendmail-slackware-tls-sasl.mc | 61 + patches/source/sendmail/sendmail-slackware-tls.mc | 56 + patches/source/sendmail/sendmail-slackware.mc | 42 + patches/source/sendmail/sendmail.SlackBuild | 3 + patches/source/sendmail/site.config.m4 | 8 + patches/source/sendmail/slack-desc.sendmail | 19 + patches/source/sendmail/slack-desc.sendmail-cf | 19 + patches/source/shadow/adduser | 440 ++ patches/source/shadow/doinst.sh | 17 + patches/source/shadow/login.defs | 387 + patches/source/shadow/patches/README_PATCHES | 9 + patches/source/shadow/patches/r3054.diff | 27 + patches/source/shadow/patches/r3055.diff | 1515 ++++ patches/source/shadow/patches/r3060.diff | 116 + patches/source/shadow/patches/r3062.diff | 139 + patches/source/shadow/patches/r3096.diff | 27 + patches/source/shadow/patches/r3160.diff | 239 + patches/source/shadow/patches/r3194.diff | 15 + patches/source/shadow/patches/r3299.diff | 12 + patches/source/shadow/shadow.SlackBuild | 165 + patches/source/shadow/shadow.url | 1 + patches/source/shadow/slack-desc | 19 + patches/source/shadow/useradd | 8 + patches/source/slocate/slack-desc | 19 + patches/source/slocate/slocate-3.1.tar.gz.sign | 7 + patches/source/slocate/slocate.CVE-2007-0277.diff | 42 + patches/source/slocate/slocate.SlackBuild | 90 + patches/source/slocate/slocate.bigfile.diff | 33 + patches/source/stunnel/doinst.sh | 12 + patches/source/stunnel/generate-stunnel-key.sh | 13 + patches/source/stunnel/slack-desc | 19 + patches/source/stunnel/stunnel.SlackBuild | 140 + patches/source/subversion/get-svn-book.sh | 9 + patches/source/subversion/slack-desc | 19 + patches/source/subversion/subversion.SlackBuild | 174 + patches/source/sudo/doinst.sh | 14 + patches/source/sudo/slack-desc | 19 + patches/source/sudo/sudo.SlackBuild | 122 + patches/source/t1lib/slack-desc | 19 + patches/source/t1lib/t1lib.SlackBuild | 131 + patches/source/t1lib/t1lib_5.1.2-3.5.diff | 2109 ++++++ patches/source/vsftpd/doinst.sh | 15 + patches/source/vsftpd/slack-desc | 19 + patches/source/vsftpd/vsftpd.SlackBuild | 106 + patches/source/vsftpd/vsftpd.builddefs.diff | 15 + patches/source/vsftpd/vsftpd.conf.diff | 45 + patches/source/vsftpd/vsftpd.log | 5 + patches/source/wget/doinst.sh | 14 + patches/source/wget/slack-desc | 19 + patches/source/wget/wget.SlackBuild | 109 + patches/source/wicd/README.SLACKWARE | 17 + patches/source/wicd/doinst.sh | 37 + patches/source/wicd/slack-desc | 19 + .../wicd/wicd-1.7.2.4.sanitize.string.bugfix.diff | 11 + patches/source/wicd/wicd.SlackBuild | 100 + patches/source/xcb-proto/arch.use.flags | 9 + patches/source/xcb-proto/build/xcb-proto | 1 + patches/source/xcb-proto/configure/configure | 13 + patches/source/xcb-proto/modularize | 279 + patches/source/xcb-proto/noarch | 75 + patches/source/xcb-proto/package-blacklist | 44 + .../xcb-proto/post-install/xcb-proto.post-install | 5 + patches/source/xcb-proto/slack-desc/xcb-proto | 19 + patches/source/xcb-proto/x11.SlackBuild | 381 + patches/source/xcb-proto/xcb-proto.SlackBuild | 2 + patches/source/xextproto/arch.use.flags | 9 + patches/source/xextproto/build/xextproto | 1 + patches/source/xextproto/configure/configure | 13 + patches/source/xextproto/modularize | 279 + patches/source/xextproto/noarch | 75 + patches/source/xextproto/package-blacklist | 44 + patches/source/xextproto/slack-desc/xextproto | 19 + patches/source/xextproto/x11.SlackBuild | 381 + patches/source/xextproto/xextproto.SlackBuild | 2 + patches/source/xorg-server/arch.use.flags | 7 + patches/source/xorg-server/build/xorg-server | 1 + patches/source/xorg-server/configure/xorg-server | 41 + patches/source/xorg-server/makepkg/xorg-server | 35 + patches/source/xorg-server/modularize | 265 + patches/source/xorg-server/noarch | 76 + patches/source/xorg-server/package-blacklist | 39 + patches/source/xorg-server/patch/xorg-server.patch | 6 + .../xorg-server/x11.startwithblackscreen.diff | 13 + .../xorg-server/xorg-server.CVE-2010-2240.diff | 130 + .../xorg-server/xorg-server.CVE-2013-4396.diff | 42 + .../xorg-server/xorg-server.CVE-2017-10971.diff | 21 + .../xorg-server/xorg-server.CVE-2017-10972.diff | 36 + .../xorg-server/xorg-server.fb.fbpict.c.mod.diff | 11 + .../post-install/xorg-server.post-install | 17 + patches/source/xorg-server/slack-desc/xorg-server | 19 + .../xorg-server/slack-desc/xorg-server-xephyr | 19 + .../xorg-server/slack-desc/xorg-server-xnest | 19 + .../source/xorg-server/slack-desc/xorg-server-xvfb | 19 + patches/source/xorg-server/x11.SlackBuild | 364 + patches/source/xorg-server/xorg-server.SlackBuild | 2 + patches/source/xpdf/doinst.sh | 19 + patches/source/xpdf/lang/xpdf-arabic.diff | 7 + .../source/xpdf/lang/xpdf-chinese-simplified.diff | 19 + .../source/xpdf/lang/xpdf-chinese-traditional.diff | 17 + patches/source/xpdf/lang/xpdf-cyrillic.diff | 9 + patches/source/xpdf/lang/xpdf-greek.diff | 9 + patches/source/xpdf/lang/xpdf-hebrew.diff | 9 + patches/source/xpdf/lang/xpdf-japanese.diff | 55 + patches/source/xpdf/lang/xpdf-korean.diff | 15 + patches/source/xpdf/lang/xpdf-latin2.diff | 7 + patches/source/xpdf/lang/xpdf-thai.diff | 9 + patches/source/xpdf/lang/xpdf-turkish.diff | 7 + .../xpdf/patches/xpdf-3.03-CVE-2012-2142.diff | 55 + patches/source/xpdf/patches/xpdf.XPDFViewer.diff | 11 + patches/source/xpdf/patches/xpdfrc.diff | 43 + patches/source/xpdf/slack-desc | 19 + patches/source/xpdf/xpdf.SlackBuild | 151 + patches/source/xpdf/xpdf.desktop | 98 + patches/source/xproto/arch.use.flags | 9 + patches/source/xproto/build/xproto | 1 + patches/source/xproto/configure/configure | 13 + patches/source/xproto/modularize | 279 + patches/source/xproto/noarch | 75 + patches/source/xproto/package-blacklist | 44 + .../source/xproto/post-install/xproto.post-install | 2 + patches/source/xproto/slack-desc/xproto | 19 + patches/source/xproto/x11.SlackBuild | 381 + patches/source/xproto/xproto.SlackBuild | 2 + patches/source/xrdb/arch.use.flags | 7 + patches/source/xrdb/build/xrdb | 1 + patches/source/xrdb/configure/configure | 12 + patches/source/xrdb/modularize | 293 + patches/source/xrdb/noarch | 81 + patches/source/xrdb/package-blacklist | 39 + patches/source/xrdb/slack-desc/xrdb | 19 + patches/source/xrdb/x11.SlackBuild | 364 + patches/source/xrdb/xrdb.SlackBuild | 2 + patches/source/yasm/slack-desc | 19 + patches/source/yasm/yasm.SlackBuild | 216 + 742 files changed, 88551 insertions(+) create mode 100755 patches/source/MPlayer/MPlayer.SlackBuild create mode 100644 patches/source/MPlayer/slack-desc create mode 100755 patches/source/acl/acl.SlackBuild create mode 100644 patches/source/acl/acl.destdir.diff create mode 100644 patches/source/acl/slack-desc create mode 100755 patches/source/apr-util/apr-util.SlackBuild create mode 100644 patches/source/apr-util/slack-desc create mode 100755 patches/source/apr/apr.SlackBuild create mode 100644 patches/source/apr/slack-desc create mode 100644 patches/source/bash/bash-4.1-patches/bash41-001 create mode 100644 patches/source/bash/bash-4.1-patches/bash41-002 create mode 100644 patches/source/bash/bash-4.1-patches/bash41-003 create mode 100644 patches/source/bash/bash-4.1-patches/bash41-004 create mode 100644 patches/source/bash/bash-4.1-patches/bash41-005 create mode 100644 patches/source/bash/bash-4.1-patches/bash41-006 create mode 100644 patches/source/bash/bash-4.1-patches/bash41-007 create mode 100644 patches/source/bash/bash-4.1-patches/bash41-008 create mode 100644 patches/source/bash/bash-4.1-patches/bash41-009 create mode 100644 patches/source/bash/bash-4.1-patches/bash41-010 create mode 100644 patches/source/bash/bash-4.1-patches/bash41-011 create mode 100644 patches/source/bash/bash-4.1-patches/bash41-012 create mode 100644 patches/source/bash/bash-4.1-patches/bash41-013 create mode 100644 patches/source/bash/bash-4.1-patches/bash41-014 create mode 100644 patches/source/bash/bash-4.1-patches/bash41-015 create mode 100644 patches/source/bash/bash-4.1-patches/bash41-016 create mode 100644 patches/source/bash/bash-4.1-patches/bash41-017 create mode 100644 patches/source/bash/bash.CVE-2016-0634.bash43-047 create mode 100644 patches/source/bash/bash.CVE-2016-7543.bash43-048 create mode 100755 patches/source/bash/bash.SlackBuild create mode 100644 patches/source/bash/doinst.sh create mode 100644 patches/source/bash/slack-desc create mode 100644 patches/source/bind/3link.sh create mode 100755 patches/source/bind/bind.SlackBuild create mode 100644 patches/source/bind/bind.so_bsdcompat.diff create mode 100644 patches/source/bind/caching-example/localhost.zone create mode 100644 patches/source/bind/caching-example/named.conf create mode 100644 patches/source/bind/caching-example/named.local create mode 100644 patches/source/bind/caching-example/named.root create mode 100644 patches/source/bind/doinst.sh create mode 100644 patches/source/bind/rc.bind create mode 100644 patches/source/bind/slack-desc create mode 100644 patches/source/bluez/bluez.CVE-2017-1000251.diff create mode 100755 patches/source/bluez/bluez.SlackBuild create mode 100644 patches/source/bluez/config/bluetooth.modprobe create mode 100644 patches/source/bluez/config/bluetooth.sh create mode 100644 patches/source/bluez/config/rc.bluetooth create mode 100644 patches/source/bluez/doinst.sh create mode 100644 patches/source/bluez/passkey-agent.c create mode 100644 patches/source/bluez/patches/bluez-dbus-config.patch create mode 100644 patches/source/bluez/patches/bluez-run_udev_helper.patch create mode 100644 patches/source/bluez/patches/bluez-unbreak_dell_mouse.patch create mode 100644 patches/source/bluez/slack-desc create mode 100755 patches/source/bzip2/bzip2.SlackBuild create mode 100644 patches/source/bzip2/bzip2.saneso.diff create mode 100644 patches/source/bzip2/slack-desc create mode 100644 patches/source/coreutils/DIR_COLORS create mode 100644 patches/source/coreutils/coreutils-dircolors.csh create mode 100644 patches/source/coreutils/coreutils-dircolors.sh create mode 100755 patches/source/coreutils/coreutils.SlackBuild create mode 100644 patches/source/coreutils/coreutils.uname.diff create mode 100644 patches/source/coreutils/doinst.sh create mode 100644 patches/source/coreutils/slack-desc create mode 100755 patches/source/cups/cups.SlackBuild create mode 100644 patches/source/cups/cups.fix_broken_locking.diff create mode 100644 patches/source/cups/doinst.sh create mode 100644 patches/source/cups/slack-desc create mode 100644 patches/source/cups/str4609-1.4.patch create mode 100644 patches/source/cups/usb-backend-both-usblp-and-libusb.dpatch create mode 100755 patches/source/curl/cacert-fetch.sh create mode 100644 patches/source/curl/cacert.pem create mode 100755 patches/source/curl/curl.SlackBuild create mode 100644 patches/source/curl/slack-desc create mode 100644 patches/source/dhcp/dhclient-script.PATH.diff create mode 100755 patches/source/dhcp/dhcp-remove-bind-tarball.sh create mode 100755 patches/source/dhcp/dhcp.SlackBuild create mode 100644 patches/source/dhcp/doinst.sh create mode 100644 patches/source/dhcp/slack-desc create mode 100644 patches/source/dhcpcd/50-ntp.conf.diff create mode 100644 patches/source/dhcpcd/COPYRIGHT create mode 100755 patches/source/dhcpcd/dhcpcd.SlackBuild create mode 100644 patches/source/dhcpcd/dhcpcd.dho_optionsoverloaded.dos.patch create mode 100644 patches/source/dhcpcd/doinst.sh create mode 100644 patches/source/dhcpcd/slack-desc create mode 100755 patches/source/dnsmasq/dnsmasq.SlackBuild create mode 100644 patches/source/dnsmasq/dnsmasq.leasedir.diff create mode 100644 patches/source/dnsmasq/doinst.sh create mode 100644 patches/source/dnsmasq/rc.dnsmasq create mode 100644 patches/source/dnsmasq/slack-desc create mode 100644 patches/source/emacs/doinst.sh create mode 100755 patches/source/emacs/emacs.SlackBuild create mode 100644 patches/source/emacs/slack-desc create mode 100755 patches/source/expat/expat.SlackBuild create mode 100644 patches/source/expat/slack-desc create mode 100755 patches/source/fetchmail/fetchmail.SlackBuild create mode 100644 patches/source/fetchmail/slack-desc create mode 100644 patches/source/fixesproto/arch.use.flags create mode 100644 patches/source/fixesproto/build/fixesproto create mode 100644 patches/source/fixesproto/configure/configure create mode 100755 patches/source/fixesproto/fixesproto.SlackBuild create mode 100644 patches/source/fixesproto/modularize create mode 100644 patches/source/fixesproto/noarch create mode 100644 patches/source/fixesproto/package-blacklist create mode 100644 patches/source/fixesproto/slack-desc/fixesproto create mode 100755 patches/source/fixesproto/x11.SlackBuild create mode 100644 patches/source/freetype/freetype.CVE-2017-8287.diff create mode 100755 patches/source/freetype/freetype.SlackBuild create mode 100644 patches/source/freetype/freetype.illadvisederror.diff create mode 100644 patches/source/freetype/freetype.subpixel.rendering.diff create mode 100644 patches/source/freetype/slack-desc create mode 100644 patches/source/ghostscript/cidfmap create mode 100644 patches/source/ghostscript/ghostscript-pdf2dsc.patch create mode 100755 patches/source/ghostscript/ghostscript.SlackBuild create mode 100644 patches/source/ghostscript/ghostscript.fix_black_page.diff create mode 100644 patches/source/ghostscript/slack-desc create mode 100644 patches/source/git/git-2.14.1.tar.sign create mode 100755 patches/source/git/git.SlackBuild create mode 100644 patches/source/git/git.url create mode 100644 patches/source/git/slack-desc create mode 100644 patches/source/glibc-zoneinfo/doinst.sh create mode 100755 patches/source/glibc-zoneinfo/glibc-zoneinfo.SlackBuild create mode 100644 patches/source/glibc-zoneinfo/slack-desc create mode 100755 patches/source/glibc-zoneinfo/timezone-scripts/output-updated-timeconfig.sh create mode 100644 patches/source/glibc-zoneinfo/timezone-scripts/parts/00 create mode 100644 patches/source/glibc-zoneinfo/timezone-scripts/parts/01 create mode 100644 patches/source/glibc-zoneinfo/timezone-scripts/parts/02 create mode 100644 patches/source/glibc-zoneinfo/timezone-scripts/parts/03 create mode 100644 patches/source/glibc-zoneinfo/timezone-scripts/parts/04 create mode 100644 patches/source/glibc-zoneinfo/timezone-scripts/parts/README create mode 100644 patches/source/glibc-zoneinfo/timezone-scripts/setup.timeconfig create mode 100644 patches/source/glibc-zoneinfo/timezone-scripts/timeconfig create mode 100644 patches/source/glibc/doinst.sh-glibc create mode 100644 patches/source/glibc/doinst.sh-glibc-solibs create mode 100644 patches/source/glibc/doinst.sh-glibc-zoneinfo create mode 100644 patches/source/glibc/glibc-2.10-dns-no-gethostbyname4.diff create mode 100644 patches/source/glibc/glibc-2.11.1.strtod.CVE-2012-3480.diff create mode 100755 patches/source/glibc/glibc-cvs-checkout.sh create mode 100644 patches/source/glibc/glibc.CVE-2009-5029.diff create mode 100644 patches/source/glibc/glibc.CVE-2010-3847.diff create mode 100644 patches/source/glibc/glibc.CVE-2010-3856.diff create mode 100644 patches/source/glibc/glibc.CVE-2013-4332.diff create mode 100644 patches/source/glibc/glibc.CVE-2015-0235.glibc2111.diff create mode 100755 patches/source/glibc/glibc.SlackBuild create mode 100644 patches/source/glibc/glibc.getcwd.max.macro.diff create mode 100644 patches/source/glibc/glibc.locale.no-archive.diff create mode 100644 patches/source/glibc/glibc.nis-netgroups.diff create mode 100644 patches/source/glibc/glibc.revert.to.fix.build.breakages.diff create mode 100644 patches/source/glibc/glibc.ru_RU.CP1251.diff create mode 100644 patches/source/glibc/is_IS.diff create mode 100755 patches/source/glibc/profile.d/glibc.csh.new create mode 100755 patches/source/glibc/profile.d/glibc.sh.new create mode 100644 patches/source/glibc/slack-desc.glibc create mode 100644 patches/source/glibc/slack-desc.glibc-debug create mode 100644 patches/source/glibc/slack-desc.glibc-i18n create mode 100644 patches/source/glibc/slack-desc.glibc-profile create mode 100644 patches/source/glibc/slack-desc.glibc-solibs create mode 100644 patches/source/glibc/slack-desc.glibc-solibs-linuxthreads create mode 100644 patches/source/glibc/slack-desc.glibc-zoneinfo create mode 100644 patches/source/glibc/timezone-scripts/output-updated-timeconfig.sh create mode 100644 patches/source/glibc/timezone-scripts/parts/00 create mode 100644 patches/source/glibc/timezone-scripts/parts/01 create mode 100644 patches/source/glibc/timezone-scripts/parts/02 create mode 100644 patches/source/glibc/timezone-scripts/parts/03 create mode 100644 patches/source/glibc/timezone-scripts/parts/04 create mode 100644 patches/source/glibc/timezone-scripts/parts/README create mode 100644 patches/source/glibc/timezone-scripts/setup.timeconfig create mode 100644 patches/source/glibc/timezone-scripts/timeconfig create mode 100755 patches/source/gnupg/gnupg.SlackBuild create mode 100644 patches/source/gnupg/slack-desc.gnupg create mode 100644 patches/source/gnupg2/gnupg-2.0.14-encode-s2k.patch create mode 100644 patches/source/gnupg2/gnupg2.CVE-2010-2547.diff create mode 100755 patches/source/gnupg2/gnupg2.SlackBuild create mode 100644 patches/source/gnupg2/slack-desc create mode 100644 patches/source/gnutls/gnutls-2.8.6_CVE-2009-3555.diff create mode 100644 patches/source/gnutls/gnutls-2.8.6_CVE-2011-4128.diff create mode 100644 patches/source/gnutls/gnutls-2.8.6_CVE-2012-1569.diff create mode 100644 patches/source/gnutls/gnutls-2.8.6_CVE-2012-1573.diff create mode 100644 patches/source/gnutls/gnutls-2.8.6_CVE-2013-1619_CVE-2013-2116.diff create mode 100644 patches/source/gnutls/gnutls-2.8.6_CVE-2014-0092.diff create mode 100644 patches/source/gnutls/gnutls-2.8.6_CVE-2014-3466.diff create mode 100644 patches/source/gnutls/gnutls-2.8.6_CVE-2014-3467.diff create mode 100644 patches/source/gnutls/gnutls-2.8.6_CVE-2014-3468.diff create mode 100644 patches/source/gnutls/gnutls-2.8.6_CVE-2014-3469.diff create mode 100644 patches/source/gnutls/gnutls-2.8.6_ipv6.diff create mode 100644 patches/source/gnutls/gnutls-2.8.6_libgcrypt150-fix.diff create mode 100755 patches/source/gnutls/gnutls.SlackBuild create mode 100644 patches/source/gnutls/slack-desc create mode 100644 patches/source/hplip/doinst.sh create mode 100644 patches/source/hplip/hplip.CVE-2010-4267.diff create mode 100644 patches/source/hplip/hplip.CVE-2013-4325.diff create mode 100755 patches/source/hplip/hplip.SlackBuild create mode 100644 patches/source/hplip/slack-desc create mode 100644 patches/source/httpd/README create mode 100644 patches/source/httpd/apache-2.2.CVE-2017-9798.optionsbleed.patch create mode 100644 patches/source/httpd/config.layout.diff create mode 100644 patches/source/httpd/doinst.sh create mode 100755 patches/source/httpd/httpd.SlackBuild create mode 100644 patches/source/httpd/httpd.brigade_move.__noinline__.gcc451.diff create mode 100644 patches/source/httpd/httpd.nossldefault.diff create mode 100644 patches/source/httpd/httpd.runasapache.diff create mode 100644 patches/source/httpd/httpd.url create mode 100644 patches/source/httpd/logrotate.httpd create mode 100644 patches/source/httpd/rc.httpd create mode 100644 patches/source/httpd/slack-desc create mode 100755 patches/source/imlib/imlib.SlackBuild create mode 100644 patches/source/imlib/imlib.mitshm.render.diff create mode 100644 patches/source/imlib/slack-desc create mode 100644 patches/source/inputproto/arch.use.flags create mode 100644 patches/source/inputproto/build/inputproto create mode 100644 patches/source/inputproto/configure/configure create mode 100755 patches/source/inputproto/inputproto.SlackBuild create mode 100644 patches/source/inputproto/modularize create mode 100644 patches/source/inputproto/noarch create mode 100644 patches/source/inputproto/package-blacklist create mode 100644 patches/source/inputproto/slack-desc/inputproto create mode 100755 patches/source/inputproto/x11.SlackBuild create mode 100644 patches/source/irssi/doinst.sh create mode 100755 patches/source/irssi/irssi.SlackBuild create mode 100644 patches/source/irssi/patch-src_irc_dcc_dcc-get_c.diff create mode 100644 patches/source/irssi/patch-src_irc_dcc_dcc-resume_c.diff create mode 100644 patches/source/irssi/slack-desc create mode 100755 patches/source/jasper/jasper.SlackBuild create mode 100644 patches/source/jasper/patches/jasper-1.900.1-CVE-2008-3520.patch create mode 100644 patches/source/jasper/patches/jasper-1.900.1-CVE-2008-3522.patch create mode 100644 patches/source/jasper/patches/jasper-1.900.1-CVE-2011-4516-CVE-2011-4517-CERT-VU-887409.patch create mode 100644 patches/source/jasper/patches/jasper-1.900.1-Coverity-BAD_SIZEOF.patch create mode 100644 patches/source/jasper/patches/jasper-1.900.1-Coverity-CHECKED_RETURN.patch create mode 100644 patches/source/jasper/patches/jasper-1.900.1-Coverity-FORWARD_NULL.patch create mode 100644 patches/source/jasper/patches/jasper-1.900.1-Coverity-NULL_RETURNS.patch create mode 100644 patches/source/jasper/patches/jasper-1.900.1-Coverity-RESOURCE_LEAK.patch create mode 100644 patches/source/jasper/patches/jasper-1.900.1-Coverity-UNREACHABLE.patch create mode 100644 patches/source/jasper/patches/jasper-1.900.1-Coverity-UNUSED_VALUE.patch create mode 100644 patches/source/jasper/patches/jasper-CVE-2014-8137.patch create mode 100644 patches/source/jasper/patches/jasper-CVE-2014-8138.patch create mode 100644 patches/source/jasper/patches/jasper-CVE-2014-8157.patch create mode 100644 patches/source/jasper/patches/jasper-CVE-2014-8158.patch create mode 100644 patches/source/jasper/patches/jasper-CVE-2014-9029.patch create mode 100644 patches/source/jasper/patches/jpc_dec.c.patch create mode 100644 patches/source/jasper/patches/patch-libjasper-stepsizes-overflow.diff create mode 100644 patches/source/jasper/slack-desc create mode 100644 patches/source/k3b/KDE.options create mode 100755 patches/source/k3b/KDE_extra.SlackBuild create mode 100644 patches/source/k3b/k3b/doinst.sh create mode 100755 patches/source/k3b/k3b/k3b.SlackBuild create mode 100644 patches/source/k3b/k3b/local.options create mode 100644 patches/source/k3b/k3b/slack-desc create mode 100644 patches/source/kdegraphics/kdegraphics-4.4.x.okular.CVE-2010-2575.diff create mode 100755 patches/source/kdegraphics/kdegraphics.SlackBuild create mode 100644 patches/source/kdegraphics/local.options create mode 100644 patches/source/kdelibs/KDE.options create mode 100644 patches/source/kdelibs/doinst.sh create mode 100644 patches/source/kdelibs/kdelibs.4.4.x.CVE-2011-1168.diff create mode 100755 patches/source/kdelibs/kdelibs.SlackBuild create mode 100644 patches/source/kdelibs/kdesu-allow_NOPASS_in_suauth.patch create mode 100644 patches/source/kdelibs/local.options create mode 100644 patches/source/kdelibs/slack-desc create mode 100644 patches/source/libX11/arch.use.flags create mode 100644 patches/source/libX11/build/libX11 create mode 100644 patches/source/libX11/configure/libX11 create mode 100755 patches/source/libX11/libX11.SlackBuild create mode 100644 patches/source/libX11/modularize create mode 100644 patches/source/libX11/noarch create mode 100644 patches/source/libX11/package-blacklist create mode 100644 patches/source/libX11/post-install/libX11.post-install create mode 100644 patches/source/libX11/slack-desc/libX11 create mode 100755 patches/source/libX11/x11.SlackBuild create mode 100644 patches/source/libXcursor/arch.use.flags create mode 100755 patches/source/libXcursor/build/increment.sh create mode 100644 patches/source/libXcursor/build/libXcursor create mode 100644 patches/source/libXcursor/configure/configure create mode 100755 patches/source/libXcursor/libXcursor.SlackBuild create mode 100644 patches/source/libXcursor/modularize create mode 100644 patches/source/libXcursor/noarch create mode 100644 patches/source/libXcursor/package-blacklist create mode 100644 patches/source/libXcursor/slack-desc/libXcursor create mode 100755 patches/source/libXcursor/x11-build-script.sh create mode 100644 patches/source/libXext/arch.use.flags create mode 100644 patches/source/libXext/build/libXext create mode 100644 patches/source/libXext/configure/configure create mode 100755 patches/source/libXext/libXext.SlackBuild create mode 100644 patches/source/libXext/modularize create mode 100644 patches/source/libXext/noarch create mode 100644 patches/source/libXext/package-blacklist create mode 100644 patches/source/libXext/slack-desc/libXext create mode 100755 patches/source/libXext/x11.SlackBuild create mode 100644 patches/source/libXfixes/arch.use.flags create mode 100644 patches/source/libXfixes/build/libXfixes create mode 100644 patches/source/libXfixes/configure/configure create mode 100755 patches/source/libXfixes/libXfixes.SlackBuild create mode 100644 patches/source/libXfixes/modularize create mode 100644 patches/source/libXfixes/noarch create mode 100644 patches/source/libXfixes/package-blacklist create mode 100644 patches/source/libXfixes/slack-desc/libXfixes create mode 100755 patches/source/libXfixes/x11.SlackBuild create mode 100644 patches/source/libXfont/arch.use.flags create mode 100755 patches/source/libXfont/build/increment.sh create mode 100644 patches/source/libXfont/build/libXfont create mode 100644 patches/source/libXfont/configure/configure create mode 100755 patches/source/libXfont/libXfont.SlackBuild create mode 100644 patches/source/libXfont/modularize create mode 100644 patches/source/libXfont/noarch create mode 100644 patches/source/libXfont/package-blacklist create mode 100644 patches/source/libXfont/patch/libXfont.patch create mode 100644 patches/source/libXfont/patch/libXfont/libXfont.CVE-2017-16611.diff create mode 100644 patches/source/libXfont/slack-desc/libXfont create mode 100755 patches/source/libXfont/x11-build-script.sh create mode 100644 patches/source/libXi/arch.use.flags create mode 100644 patches/source/libXi/build/libXi create mode 100644 patches/source/libXi/configure/configure create mode 100755 patches/source/libXi/libXi.SlackBuild create mode 100644 patches/source/libXi/modularize create mode 100644 patches/source/libXi/noarch create mode 100644 patches/source/libXi/package-blacklist create mode 100644 patches/source/libXi/slack-desc/libXi create mode 100644 patches/source/libXi/slack-desc/libXinerama create mode 100755 patches/source/libXi/x11.SlackBuild create mode 100644 patches/source/libXrandr/arch.use.flags create mode 100644 patches/source/libXrandr/build/libXrandr create mode 100644 patches/source/libXrandr/configure/configure create mode 100755 patches/source/libXrandr/libXrandr.SlackBuild create mode 100644 patches/source/libXrandr/modularize create mode 100644 patches/source/libXrandr/noarch create mode 100644 patches/source/libXrandr/package-blacklist create mode 100644 patches/source/libXrandr/slack-desc/libXrandr create mode 100755 patches/source/libXrandr/x11.SlackBuild create mode 100644 patches/source/libXrender/arch.use.flags create mode 100644 patches/source/libXrender/build/libXrender create mode 100644 patches/source/libXrender/configure/configure create mode 100755 patches/source/libXrender/libXrender.SlackBuild create mode 100644 patches/source/libXrender/modularize create mode 100644 patches/source/libXrender/noarch create mode 100644 patches/source/libXrender/package-blacklist create mode 100644 patches/source/libXrender/slack-desc/libXrender create mode 100755 patches/source/libXrender/x11.SlackBuild create mode 100644 patches/source/libXtst/arch.use.flags create mode 100644 patches/source/libXtst/build/libXtst create mode 100644 patches/source/libXtst/configure/configure create mode 100755 patches/source/libXtst/libXtst.SlackBuild create mode 100644 patches/source/libXtst/modularize create mode 100644 patches/source/libXtst/noarch create mode 100644 patches/source/libXtst/package-blacklist create mode 100644 patches/source/libXtst/slack-desc/libXtst create mode 100755 patches/source/libXtst/x11.SlackBuild create mode 100644 patches/source/libXv/arch.use.flags create mode 100644 patches/source/libXv/build/libXv create mode 100644 patches/source/libXv/configure/configure create mode 100755 patches/source/libXv/libXv.SlackBuild create mode 100644 patches/source/libXv/modularize create mode 100644 patches/source/libXv/noarch create mode 100644 patches/source/libXv/package-blacklist create mode 100644 patches/source/libXv/slack-desc/libXv create mode 100644 patches/source/libXv/slack-desc/libXvMC create mode 100755 patches/source/libXv/x11.SlackBuild create mode 100644 patches/source/libXvMC/arch.use.flags create mode 100644 patches/source/libXvMC/build/libXvMC create mode 100644 patches/source/libXvMC/configure/configure create mode 100755 patches/source/libXvMC/libXvMC.SlackBuild create mode 100644 patches/source/libXvMC/modularize create mode 100644 patches/source/libXvMC/noarch create mode 100644 patches/source/libXvMC/package-blacklist create mode 100644 patches/source/libXvMC/slack-desc/libXvMC create mode 100755 patches/source/libXvMC/x11.SlackBuild create mode 100755 patches/source/libexif/libexif.SlackBuild create mode 100644 patches/source/libexif/libexif.pc.diff create mode 100644 patches/source/libexif/slack-desc create mode 100755 patches/source/libgcrypt/libgcrypt.SlackBuild create mode 100644 patches/source/libgcrypt/slack-desc create mode 100755 patches/source/libgpg-error/libgpg-error.SlackBuild create mode 100644 patches/source/libgpg-error/slack-desc create mode 100755 patches/source/libidn/libidn.SlackBuild create mode 100644 patches/source/libidn/slack-desc create mode 100755 patches/source/libiodbc/libiodbc.SlackBuild create mode 100644 patches/source/libiodbc/libiodbc.disable.rpath.diff create mode 100644 patches/source/libiodbc/slack-desc create mode 100644 patches/source/libjpeg/jpeg.CVE-2013-6629.diff create mode 100755 patches/source/libjpeg/libjpeg.SlackBuild create mode 100644 patches/source/libjpeg/slack-desc create mode 100755 patches/source/libpng/libpng.SlackBuild create mode 100644 patches/source/libpng/slack-desc create mode 100755 patches/source/libtiff/libtiff.SlackBuild create mode 100644 patches/source/libtiff/slack-desc create mode 100644 patches/source/libtiff/tiff-3.9.7_CVE-2012-4447_CVE-2012-4564_CVE-2013-1960_CVE-2013-1961.diff create mode 100644 patches/source/libtiff/tiff-3.9.7_CVE-2013-4231.diff create mode 100644 patches/source/libtiff/tiff-3.9.7_CVE-2013-4232.diff create mode 100644 patches/source/libtiff/tiff-3.9.7_CVE-2013-4244.diff create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-CVE-2004-0941.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-CVE-2006-3376.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-0455.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-2756.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3472.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3473.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3477.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-CVE-2009-3546.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-0848+CVE-2015-4588.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-4695.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-4696.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-10167.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-10168.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-9011.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-9317.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-CVE-2017-6362.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-fallbackfont.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-pixbufloaderdir.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-reducesymbols.patch create mode 100644 patches/source/libwmf/libwmf-0.2.8.4-useafterfree.patch create mode 100755 patches/source/libwmf/libwmf.SlackBuild create mode 100644 patches/source/libwmf/libwmf.png14.diff create mode 100644 patches/source/libwmf/slack-desc create mode 100644 patches/source/libxcb/arch.use.flags create mode 100644 patches/source/libxcb/build/libxcb create mode 100644 patches/source/libxcb/configure/libxcb create mode 100755 patches/source/libxcb/libxcb.SlackBuild create mode 100644 patches/source/libxcb/modularize create mode 100644 patches/source/libxcb/noarch create mode 100644 patches/source/libxcb/package-blacklist create mode 100644 patches/source/libxcb/post-install/libxcb.post-install create mode 100644 patches/source/libxcb/slack-desc/libxcb create mode 100755 patches/source/libxcb/x11.SlackBuild create mode 100644 patches/source/libxml2/libxml.CVE-2011-3102.diff create mode 100644 patches/source/libxml2/libxml2.CVE-2012-5134.diff create mode 100755 patches/source/libxml2/libxml2.SlackBuild create mode 100644 patches/source/libxml2/slack-desc create mode 100755 patches/source/libyaml/libyaml.SlackBuild create mode 100644 patches/source/libyaml/libyaml.url create mode 100644 patches/source/libyaml/slack-desc create mode 100644 patches/source/linux-2.6.33.4/kernel.CVE-2010-3081.diff create mode 100644 patches/source/linux-2.6.33.4/kernel.CVE-2010-3301.a.diff create mode 100644 patches/source/linux-2.6.33.4/kernel.CVE-2010-3301.b.diff create mode 100644 patches/source/linux-2.6.33.4/kernel.compat.2.6.33.x.diff create mode 100755 patches/source/lm_sensors/lm_sensors.SlackBuild create mode 100644 patches/source/lm_sensors/lm_sensors.makefile.diff create mode 100644 patches/source/lm_sensors/slack-desc create mode 100644 patches/source/lynx/doinst.sh create mode 100755 patches/source/lynx/lynx.SlackBuild create mode 100644 patches/source/lynx/lynx.cfg.diff create mode 100644 patches/source/lynx/slack-desc create mode 100644 patches/source/mailx/doinst.sh create mode 100644 patches/source/mailx/heirloom-mailx-12.5-fixes-1.patch create mode 100755 patches/source/mailx/mailx.SlackBuild create mode 100644 patches/source/mailx/slack-desc create mode 100644 patches/source/mercurial/doinst.sh create mode 100755 patches/source/mercurial/mercurial.SlackBuild create mode 100644 patches/source/mercurial/slack-desc create mode 100644 patches/source/minicom/config.sub-x86_64.diff create mode 100644 patches/source/minicom/doinst.sh create mode 100644 patches/source/minicom/lrzsz_0.12.21-5.diff create mode 100755 patches/source/minicom/minicom.SlackBuild create mode 100644 patches/source/minicom/minicom.users create mode 100644 patches/source/minicom/slack-desc create mode 100644 patches/source/mozilla-firefox/firefox.moz_plugin_path.diff create mode 100644 patches/source/mozilla-firefox/firefox.png create mode 100644 patches/source/mozilla-firefox/mimeTypes.rdf create mode 100644 patches/source/mozilla-firefox/mozilla-firefox-mimeTypes-fix.diff create mode 100755 patches/source/mozilla-firefox/mozilla-firefox.SlackBuild create mode 100644 patches/source/mozilla-firefox/mozilla-firefox.desktop create mode 100644 patches/source/mozilla-firefox/slack-desc create mode 100644 patches/source/mozilla-thunderbird/mimeTypes.rdf create mode 100755 patches/source/mozilla-thunderbird/mozilla-thunderbird.SlackBuild create mode 100644 patches/source/mozilla-thunderbird/mozilla-thunderbird.desktop create mode 100644 patches/source/mozilla-thunderbird/slack-desc create mode 100644 patches/source/mozilla-thunderbird/thunderbird.png create mode 100644 patches/source/mysql/doinst.sh create mode 100644 patches/source/mysql/mirror-url create mode 100755 patches/source/mysql/mysql-embedded.build create mode 100644 patches/source/mysql/mysql.CVE-2014-0001.diff create mode 100755 patches/source/mysql/mysql.SlackBuild create mode 100644 patches/source/mysql/mysql.openssl0.diff create mode 100644 patches/source/mysql/rc.mysqld create mode 100644 patches/source/mysql/slack-desc create mode 100644 patches/source/ntp/doinst.sh create mode 100755 patches/source/ntp/ntp.SlackBuild create mode 100644 patches/source/ntp/ntp.conf create mode 100644 patches/source/ntp/ntp.keys create mode 100644 patches/source/ntp/ntp.nano.diff create mode 100644 patches/source/ntp/rc.ntpd create mode 100644 patches/source/ntp/slack-desc create mode 100644 patches/source/openssh/doinst.sh create mode 100644 patches/source/openssh/openssh-7.4p1-libwrap.diff create mode 100644 patches/source/openssh/openssh.CVE-2017-15906.patch create mode 100755 patches/source/openssh/openssh.SlackBuild create mode 100644 patches/source/openssh/rc.sshd create mode 100644 patches/source/openssh/slack-desc create mode 100644 patches/source/openssl/certwatch create mode 100644 patches/source/openssl/doinst.sh-openssl create mode 100644 patches/source/openssl/doinst.sh-openssl-solibs create mode 100755 patches/source/openssl/openssl.SlackBuild create mode 100644 patches/source/openssl/openssl.no.weak.sslv2.ciphers.diff create mode 100644 patches/source/openssl/openssl.no.weak.sslv3.ciphers.diff create mode 100644 patches/source/openssl/openssl.optsx86.diff create mode 100644 patches/source/openssl/openssl.soname.diff create mode 100644 patches/source/openssl/slack-desc.openssl create mode 100644 patches/source/openssl/slack-desc.openssl-solibs create mode 100644 patches/source/openvpn/README create mode 100644 patches/source/openvpn/doinst.sh create mode 100755 patches/source/openvpn/openvpn.SlackBuild create mode 100644 patches/source/openvpn/openvpn.url create mode 100644 patches/source/openvpn/rc.openvpn create mode 100644 patches/source/openvpn/slack-desc create mode 100644 patches/source/openvpn/slackware.conf create mode 100644 patches/source/patch/0001-Refuse-to-apply-ed-scripts-by-default.patch create mode 100755 patches/source/patch/patch.SlackBuild create mode 100644 patches/source/patch/slack-desc create mode 100644 patches/source/perl/10_hash.t create mode 100644 patches/source/perl/hash.t create mode 100644 patches/source/perl/hv.c create mode 100755 patches/source/perl/perl.SlackBuild create mode 100644 patches/source/perl/perl.configure.multilib.patch create mode 100644 patches/source/perl/slack-desc create mode 100644 patches/source/php/doinst.sh create mode 100755 patches/source/php/fetch-php.sh create mode 100644 patches/source/php/mod_php.conf.example create mode 100755 patches/source/php/php.SlackBuild create mode 100644 patches/source/php/php.ini-development.diff create mode 100644 patches/source/php/php.session.save_path.diff create mode 100644 patches/source/php/slack-desc create mode 100755 patches/source/pidgin/pidgin.SlackBuild create mode 100644 patches/source/pidgin/purple-allow-sign-rsa-md5.patch create mode 100644 patches/source/pidgin/slack-desc create mode 100644 patches/source/polkit/CVE-2011-1485/0001-PolkitUnixProcess-Clarify-that-the-real-uid-is-retur.patch create mode 100644 patches/source/polkit/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch create mode 100644 patches/source/polkit/CVE-2011-1485/0003-Use-polkit_unix_process_get_uid-to-get-the-owner-of-.patch create mode 100644 patches/source/polkit/CVE-2011-1485/0004-pkexec-Avoid-TOCTTOU-problems-with-parent-process.patch create mode 100644 patches/source/polkit/polkit-1-shadow.diff create mode 100755 patches/source/polkit/polkit.SlackBuild create mode 100644 patches/source/polkit/slack-desc create mode 100644 patches/source/poppler/poppler-0.12.4-CVE-2010-3702.patch create mode 100644 patches/source/poppler/poppler-0.12.4-CVE-2010-3703.patch create mode 100644 patches/source/poppler/poppler-0.12.4-CVE-2010-3704.patch create mode 100755 patches/source/poppler/poppler.SlackBuild create mode 100644 patches/source/poppler/slack-desc create mode 100644 patches/source/ppp/doinst.sh create mode 100644 patches/source/ppp/options.new create mode 100644 patches/source/ppp/ppp.CVE-2014-3158.diff create mode 100644 patches/source/ppp/ppp.CVE-2015-3310.diff create mode 100755 patches/source/ppp/ppp.SlackBuild create mode 100644 patches/source/ppp/ppp.slack.diff create mode 100644 patches/source/ppp/pppsetup-1.98.backupfiles.diff create mode 100644 patches/source/ppp/pppsetup-1.98.moredevs.diff create mode 100644 patches/source/ppp/pppsetup-1.98.pppoff.diff create mode 100644 patches/source/ppp/pppsetup-1.98.slack.diff create mode 100644 patches/source/ppp/radius.msdict create mode 100644 patches/source/ppp/realms create mode 100644 patches/source/ppp/servers create mode 100644 patches/source/ppp/slack-desc create mode 100644 patches/source/proftpd/doinst.sh create mode 100644 patches/source/proftpd/etc/ftpusers create mode 100644 patches/source/proftpd/etc/proftpd.conf create mode 100755 patches/source/proftpd/proftpd.SlackBuild create mode 100644 patches/source/proftpd/slack-desc create mode 100644 patches/source/randrproto/arch.use.flags create mode 100644 patches/source/randrproto/build/randrproto create mode 100644 patches/source/randrproto/configure/configure create mode 100644 patches/source/randrproto/modularize create mode 100644 patches/source/randrproto/noarch create mode 100644 patches/source/randrproto/package-blacklist create mode 100755 patches/source/randrproto/randrproto.SlackBuild create mode 100644 patches/source/randrproto/slack-desc/randrproto create mode 100755 patches/source/randrproto/x11.SlackBuild create mode 100644 patches/source/rdesktop/rdesktop.CVE-2011-1595.diff create mode 100755 patches/source/rdesktop/rdesktop.SlackBuild create mode 100644 patches/source/rdesktop/slack-desc create mode 100644 patches/source/recordproto/arch.use.flags create mode 100644 patches/source/recordproto/build/recordproto create mode 100644 patches/source/recordproto/configure/configure create mode 100644 patches/source/recordproto/modularize create mode 100644 patches/source/recordproto/noarch create mode 100644 patches/source/recordproto/package-blacklist create mode 100755 patches/source/recordproto/recordproto.SlackBuild create mode 100644 patches/source/recordproto/slack-desc/recordproto create mode 100755 patches/source/recordproto/x11.SlackBuild create mode 100755 patches/source/rsync/rsync.SlackBuild create mode 100644 patches/source/rsync/slack-desc create mode 100755 patches/source/ruby/ruby.SlackBuild create mode 100644 patches/source/ruby/slack-desc create mode 100644 patches/source/rxvt/rxvt-integer-overflow-fix.patch create mode 100755 patches/source/rxvt/rxvt.SlackBuild create mode 100644 patches/source/rxvt/rxvt.utempter.diff create mode 100644 patches/source/rxvt/slack-desc create mode 100644 patches/source/samba/doinst.sh create mode 100755 patches/source/samba/prune-samba.sh create mode 100644 patches/source/samba/rc.samba create mode 100644 patches/source/samba/samba-4.6.3-4.5.9-4.4.13-CVE-2017-7494.patch create mode 100755 patches/source/samba/samba.SlackBuild create mode 100644 patches/source/samba/slack-desc create mode 100644 patches/source/samba/smb.conf.default create mode 100644 patches/source/samba/smb.conf.default.orig create mode 100644 patches/source/samba/smb.conf.diff create mode 100644 patches/source/samba/talloc.pc create mode 100644 patches/source/sdl/sdl-1.2.14-fix-mouse-clicking.patch create mode 100755 patches/source/sdl/sdl.SlackBuild create mode 100644 patches/source/sdl/sdl.linux-2.6.31.input_absinfo.diff create mode 100644 patches/source/sdl/slack-desc create mode 100644 patches/source/seamonkey/doinst.sh create mode 100644 patches/source/seamonkey/pkgconfig/seamonkey-gtkmozembed.pc create mode 100644 patches/source/seamonkey/pkgconfig/seamonkey-js.pc create mode 100644 patches/source/seamonkey/pkgconfig/seamonkey-nspr.pc create mode 100644 patches/source/seamonkey/pkgconfig/seamonkey-nss.pc create mode 100644 patches/source/seamonkey/pkgconfig/seamonkey-plugin.pc create mode 100644 patches/source/seamonkey/pkgconfig/seamonkey-xpcom.pc create mode 100644 patches/source/seamonkey/seamonkey-icon.png create mode 100644 patches/source/seamonkey/seamonkey-mail-icon.png create mode 100644 patches/source/seamonkey/seamonkey-mail.desktop create mode 100755 patches/source/seamonkey/seamonkey.SlackBuild create mode 100644 patches/source/seamonkey/seamonkey.desktop create mode 100644 patches/source/seamonkey/slack-desc create mode 100644 patches/source/sendmail/Build create mode 100755 patches/source/sendmail/SlackBuild-sendmail create mode 100755 patches/source/sendmail/SlackBuild-sendmail-cf create mode 100644 patches/source/sendmail/linux.uucp.mc create mode 100644 patches/source/sendmail/sendmail-slackware-tls-sasl.mc create mode 100644 patches/source/sendmail/sendmail-slackware-tls.mc create mode 100644 patches/source/sendmail/sendmail-slackware.mc create mode 100755 patches/source/sendmail/sendmail.SlackBuild create mode 100644 patches/source/sendmail/site.config.m4 create mode 100644 patches/source/sendmail/slack-desc.sendmail create mode 100644 patches/source/sendmail/slack-desc.sendmail-cf create mode 100644 patches/source/shadow/adduser create mode 100644 patches/source/shadow/doinst.sh create mode 100644 patches/source/shadow/login.defs create mode 100644 patches/source/shadow/patches/README_PATCHES create mode 100644 patches/source/shadow/patches/r3054.diff create mode 100644 patches/source/shadow/patches/r3055.diff create mode 100644 patches/source/shadow/patches/r3060.diff create mode 100644 patches/source/shadow/patches/r3062.diff create mode 100644 patches/source/shadow/patches/r3096.diff create mode 100644 patches/source/shadow/patches/r3160.diff create mode 100644 patches/source/shadow/patches/r3194.diff create mode 100644 patches/source/shadow/patches/r3299.diff create mode 100755 patches/source/shadow/shadow.SlackBuild create mode 100644 patches/source/shadow/shadow.url create mode 100644 patches/source/shadow/slack-desc create mode 100644 patches/source/shadow/useradd create mode 100644 patches/source/slocate/slack-desc create mode 100644 patches/source/slocate/slocate-3.1.tar.gz.sign create mode 100644 patches/source/slocate/slocate.CVE-2007-0277.diff create mode 100755 patches/source/slocate/slocate.SlackBuild create mode 100644 patches/source/slocate/slocate.bigfile.diff create mode 100644 patches/source/stunnel/doinst.sh create mode 100644 patches/source/stunnel/generate-stunnel-key.sh create mode 100644 patches/source/stunnel/slack-desc create mode 100755 patches/source/stunnel/stunnel.SlackBuild create mode 100755 patches/source/subversion/get-svn-book.sh create mode 100644 patches/source/subversion/slack-desc create mode 100755 patches/source/subversion/subversion.SlackBuild create mode 100644 patches/source/sudo/doinst.sh create mode 100644 patches/source/sudo/slack-desc create mode 100755 patches/source/sudo/sudo.SlackBuild create mode 100644 patches/source/t1lib/slack-desc create mode 100755 patches/source/t1lib/t1lib.SlackBuild create mode 100644 patches/source/t1lib/t1lib_5.1.2-3.5.diff create mode 100644 patches/source/vsftpd/doinst.sh create mode 100644 patches/source/vsftpd/slack-desc create mode 100755 patches/source/vsftpd/vsftpd.SlackBuild create mode 100644 patches/source/vsftpd/vsftpd.builddefs.diff create mode 100644 patches/source/vsftpd/vsftpd.conf.diff create mode 100644 patches/source/vsftpd/vsftpd.log create mode 100644 patches/source/wget/doinst.sh create mode 100644 patches/source/wget/slack-desc create mode 100755 patches/source/wget/wget.SlackBuild create mode 100644 patches/source/wicd/README.SLACKWARE create mode 100644 patches/source/wicd/doinst.sh create mode 100644 patches/source/wicd/slack-desc create mode 100644 patches/source/wicd/wicd-1.7.2.4.sanitize.string.bugfix.diff create mode 100755 patches/source/wicd/wicd.SlackBuild create mode 100644 patches/source/xcb-proto/arch.use.flags create mode 100644 patches/source/xcb-proto/build/xcb-proto create mode 100644 patches/source/xcb-proto/configure/configure create mode 100644 patches/source/xcb-proto/modularize create mode 100644 patches/source/xcb-proto/noarch create mode 100644 patches/source/xcb-proto/package-blacklist create mode 100644 patches/source/xcb-proto/post-install/xcb-proto.post-install create mode 100644 patches/source/xcb-proto/slack-desc/xcb-proto create mode 100755 patches/source/xcb-proto/x11.SlackBuild create mode 100755 patches/source/xcb-proto/xcb-proto.SlackBuild create mode 100644 patches/source/xextproto/arch.use.flags create mode 100644 patches/source/xextproto/build/xextproto create mode 100644 patches/source/xextproto/configure/configure create mode 100644 patches/source/xextproto/modularize create mode 100644 patches/source/xextproto/noarch create mode 100644 patches/source/xextproto/package-blacklist create mode 100644 patches/source/xextproto/slack-desc/xextproto create mode 100755 patches/source/xextproto/x11.SlackBuild create mode 100755 patches/source/xextproto/xextproto.SlackBuild create mode 100644 patches/source/xorg-server/arch.use.flags create mode 100644 patches/source/xorg-server/build/xorg-server create mode 100644 patches/source/xorg-server/configure/xorg-server create mode 100644 patches/source/xorg-server/makepkg/xorg-server create mode 100644 patches/source/xorg-server/modularize create mode 100644 patches/source/xorg-server/noarch create mode 100644 patches/source/xorg-server/package-blacklist create mode 100644 patches/source/xorg-server/patch/xorg-server.patch create mode 100644 patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff create mode 100644 patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2010-2240.diff create mode 100644 patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2013-4396.diff create mode 100644 patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10971.diff create mode 100644 patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10972.diff create mode 100644 patches/source/xorg-server/patch/xorg-server/xorg-server.fb.fbpict.c.mod.diff create mode 100644 patches/source/xorg-server/post-install/xorg-server.post-install create mode 100644 patches/source/xorg-server/slack-desc/xorg-server create mode 100644 patches/source/xorg-server/slack-desc/xorg-server-xephyr create mode 100644 patches/source/xorg-server/slack-desc/xorg-server-xnest create mode 100644 patches/source/xorg-server/slack-desc/xorg-server-xvfb create mode 100755 patches/source/xorg-server/x11.SlackBuild create mode 100755 patches/source/xorg-server/xorg-server.SlackBuild create mode 100644 patches/source/xpdf/doinst.sh create mode 100644 patches/source/xpdf/lang/xpdf-arabic.diff create mode 100644 patches/source/xpdf/lang/xpdf-chinese-simplified.diff create mode 100644 patches/source/xpdf/lang/xpdf-chinese-traditional.diff create mode 100644 patches/source/xpdf/lang/xpdf-cyrillic.diff create mode 100644 patches/source/xpdf/lang/xpdf-greek.diff create mode 100644 patches/source/xpdf/lang/xpdf-hebrew.diff create mode 100644 patches/source/xpdf/lang/xpdf-japanese.diff create mode 100644 patches/source/xpdf/lang/xpdf-korean.diff create mode 100644 patches/source/xpdf/lang/xpdf-latin2.diff create mode 100644 patches/source/xpdf/lang/xpdf-thai.diff create mode 100644 patches/source/xpdf/lang/xpdf-turkish.diff create mode 100644 patches/source/xpdf/patches/xpdf-3.03-CVE-2012-2142.diff create mode 100644 patches/source/xpdf/patches/xpdf.XPDFViewer.diff create mode 100644 patches/source/xpdf/patches/xpdfrc.diff create mode 100644 patches/source/xpdf/slack-desc create mode 100755 patches/source/xpdf/xpdf.SlackBuild create mode 100644 patches/source/xpdf/xpdf.desktop create mode 100644 patches/source/xproto/arch.use.flags create mode 100644 patches/source/xproto/build/xproto create mode 100644 patches/source/xproto/configure/configure create mode 100644 patches/source/xproto/modularize create mode 100644 patches/source/xproto/noarch create mode 100644 patches/source/xproto/package-blacklist create mode 100644 patches/source/xproto/post-install/xproto.post-install create mode 100644 patches/source/xproto/slack-desc/xproto create mode 100755 patches/source/xproto/x11.SlackBuild create mode 100755 patches/source/xproto/xproto.SlackBuild create mode 100644 patches/source/xrdb/arch.use.flags create mode 100644 patches/source/xrdb/build/xrdb create mode 100644 patches/source/xrdb/configure/configure create mode 100644 patches/source/xrdb/modularize create mode 100644 patches/source/xrdb/noarch create mode 100644 patches/source/xrdb/package-blacklist create mode 100644 patches/source/xrdb/slack-desc/xrdb create mode 100755 patches/source/xrdb/x11.SlackBuild create mode 100755 patches/source/xrdb/xrdb.SlackBuild create mode 100644 patches/source/yasm/slack-desc create mode 100755 patches/source/yasm/yasm.SlackBuild (limited to 'patches/source') diff --git a/patches/source/MPlayer/MPlayer.SlackBuild b/patches/source/MPlayer/MPlayer.SlackBuild new file mode 100755 index 00000000..89d94ff2 --- /dev/null +++ b/patches/source/MPlayer/MPlayer.SlackBuild @@ -0,0 +1,488 @@ +#!/bin/sh +# $Id: MPlayer.SlackBuild,v 1.27 2012/07/01 13:07:08 root Exp root $ +# Copyright 2006, 2007, 2008, 2010, 2011, 2012 Eric Hameleers, Eindhoven, NL +# Copyright 2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Permission to use, copy, modify, and distribute this software for +# any purpose with or without fee is hereby granted, provided that +# the above copyright notice and this permission notice appear in all +# copies. +# +# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# ----------------------------------------------------------------------------- +# +# Slackware SlackBuild script +# =========================== +# By: Eric Hameleers +# For: MPlayer +# Descr: a movie player for LINUX +# URL: http://www.mplayerhq.hu/ +# Needs: +# Changelog: +# 1.0rc1-1: 05/Nov/2006 by Eric Hameleers +# * Initial build. +# 1.0rc1-2: 07/Nov/2006 by Eric Hameleers +# * Removed MPlayer's internal libdvdcss code from the build, so +# that MPlayer no longer plays encrypted DVD's by default (and the +# package is now safe to upload to public repositories). +# If it is allowed in your country, you can either install +# libdvdcss (which is picked up automatically by MPlayer), or +# rebuild MPlayer yourself using this SlackBuild - and set the +# variable REMOVECSS="no" first (see further down). +# Use this commandline if you can't or won't modify the script: +# REMOVECSS="no" ./MPlayer.SlackBuild +# 1.0rc1-3: 08/Nov/2006 by Eric Hameleers +# * Install the mplayer.conf into correct location '/etc/mplayer/' +# 1.0rc1-4: 15/mar/2007 by Eric Hameleers +# * Differentiate between versions of X11 (modular X has another +# install-prefix); update default skin; enable mplayer menu; +# add security fix +# 1.0rc1-5: 07/jun/2007 by Eric Hameleers +# * Add security fix. +# 1.0rc2-1: 09/oct/2007 by Eric Hameleers +# * New version. +# 1.0rc2-2: 01/feb/2008 by Eric Hameleers +# * Apply 4 security fixes. +# 1.0rc2-3: 10/mar/2008 by Eric Hameleers +# * Apply a patch that allows compilation against the ivtv driver +# in the 2.6.24.x kernels. +# r28148-1: 14/dec/2008 by Eric Hameleers +# * Build SVN snapshot - remove support for *all* patented or +# questionable software if "USE_PATENTS" is set to "NO" - think +# of DECSS dvd decryption code, and mp3/aac/amr audio encoders. +# r28929-1: 10/mar/2009 by Eric Hameleers +# * Update. +# r29301-1: 12/may/2009 by Eric Hameleers +# * Update. +# r29301-1: 12/may/2009 by Eric Hameleers +# * Update. +# 20100926-1: 26/sep/2010 by Eric Hameleers +# * Slackware has MPlayer now of course, but it does not hurt +# to have a full-featured binary package available. The 1.0rc3 +# was released recently but I prefer to build a snapshot. +# 20110624-1: 24/jun/2011 by Eric Hameleers +# * Provide an up-to-date snapshot to be used in conjunction +# with UMPlayer (a MPlayer GUI). New MPlayer source requires +# a separate ffmpeg download. +# 20120514-1: 14/may/2012 by volkerdi@slackware.com +# * Update. +# 1.1_20120701-1: 28/jun/2012 by alien@slackware.com +# * Update to the 1.1 branch (essentially this is MPlayer-1.1 but +# I like to check it out of SVN). +# 1.1_20130819-1: 19/aug/2013 by volkerdi@slackware.com +# * Update to the latest 1.1 branch, and the same ffmpeg that was +# shipped with the 1.1.1 tarball. The official 1.1.1 release +# did not start a new repo branch, so this is the latest. +# 20150308-1: 09/mar/2015 by pprkut@slackware.com +# * Update to latest version from trunk, together with ffmpeg 2.6, +# which was released roughly around that date as well. +# 20140403-1: 03/apr/2015 by volkerdi@slackware.com +# * Update to latest version from trunk and ffmpeg-2.6.1. +# +# Run 'sh MPlayer.SlackBuild' to build a Slackware package. +# The package (.txz) plus descriptive .txt file are created in /tmp . +# Install using 'installpkg'. +# +# ----------------------------------------------------------------------------- + +# Set initial variables: + +PRGNAM=MPlayer +VERSION=${VERSION:-20160125} +BRANCH=${BRANCH:-1.2} # leave empty if you want to build MPlayer trunk +FFMPEG=${FFMPEG:-2.8.5} +BUILD=${BUILD:-1_slack13.1} +TAG=${TAG:-} +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Show the branch version in the package name if we build from a branch: +[ -n "$BRANCH" ] && PKGVERSION=${BRANCH}_${VERSION} || PKGVERSION=${VERSION} + +DOCS="AUTHORS Changelog Copyright LICENSE README VERSION DOCS/HTML DOCS/tech" + +# MPlayer repository characteristics: +MPURI="svn://svn.mplayerhq.hu/mplayer/" +if [ -n "$BRANCH" ]; then + MPBRANCH="branches/$BRANCH" +else + MPBRANCH="trunk" +fi + +FFURI=git://git.videolan.org/ffmpeg.git + +DEFSKIN=${DEFSKIN:-"Blue"} # Download more skins at the following url: +SKINVER=${SKINVER:-"1.11"} # http://www.mplayerhq.hu/design7/dload.html + +# Available languages: all cs de en es fr hu it pl ru zh_CN +LANGUAGES="en,de,es,fr" + +# Automatically determine the architecture we're building on: +MARCH=$( uname -m ) +if [ -z "$ARCH" ]; then + case "$MARCH" in + i?86) export ARCH=i486 ;; + armv7hl) export ARCH=$MARCH ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$MARCH ;; + esac +fi + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" + # --enable-runtime-cpudetection is supported only for x86, x86_64, and PPC + EXTRACONFIGUREOPTIONS="--enable-runtime-cpudetection" +elif [ "$ARCH" = "i486" -o \ + "$ARCH" = "i586" -o \ + "$ARCH" = "i686" ]; then + LIBDIRSUFFIX="" + EXTRACONFIGUREOPTIONS="--enable-runtime-cpudetection" +else + LIBDIRSUFFIX="" + EXTRACONFIGUREOPTIONS="" +fi + +# Where the WIN32 codecs are expectedfor instance +CODECSDIR=/usr/lib${LIBDIRSUFFIX}/codecs + +# --------------------------------------------------------------------------- +# -- PATENT ALERT! -- +# MPLayer can be built with MP3 (lame) and AMR audio encoders +# (needed for FLV and .3GP videos) but these libraries are 'contaminated' +# with patents from Fraunhofer and GGP. +# Also, the AAC encoder has patent issues. +# You can build these patended algorithms into ffmpeg, and if you are an +# ordinary end user, no one will bother you for using them. +# For the binaries based on this SlackBuild that I distribute, it is a +# different story. I am not allowed to distribute binary packages that +# incorporate patented code. So here you go. My Slackware package was +# built with "USE_PATENTS=NO" i.e. without using +# the lame mp3, faac, AMR and dvdcss libraries. +# --------------------------------------------------------------------------- +USE_PATENTS=${USE_PATENTS:-"NO"} + +# MPlayer will try to use one of the TrueType fonts present on the target +# system for it's On Screen Display (OSD) font. +# Slackware 11.0 ships with the Vera and DejaVu fonts, you may want to add +# more fonts to this list. The first font found will be used by creating a +# symbolic link "/usr/share/mplayer/subfont.ttf" to it. +# The use of bitmapped fonts is considered deprecated, but you can still use +# those if you want. Read http://www.mplayerhq.hu/DOCS/HTML/en/fonts-osd.html +# if you want to know more about OSD font configuration. +OSDFONTS="LiberationSans-Regular.ttf \ + Arialuni.ttf arial.ttf \ + DejaVuSans.ttf Vera.ttf" + +# Where do we look for sources? +SRCDIR=$(cd $(dirname $0); pwd) + +SOURCE[0]="$SRCDIR/${PRGNAM}-${VERSION}.tar.xz" +SRCURL[0]="" + +# The default skin to use (we need to add at least one) +SOURCE[1]="$SRCDIR/${DEFSKIN}-${SKINVER}.tar.bz2" +SRCURL[1]="http://www.mplayerhq.hu/MPlayer/skins/${DEFSKIN}-${SKINVER}.tar.bz2" + +# Ffmpeg needs to be checked out separately now: +SOURCE[2]="$SRCDIR/ffmpeg-${FFMPEG}.tar.xz" +SRCURL[2]="" + +# Use the src_checkout() function if no downloadable tarball exists. +# This function checks out sources from SVN/CVS and creates a tarball of them. +src_checkout() { + # Param #1 : index in the SOURCE[] array. + # Param #2 : full path to where SOURCE[$1] tarball should be created. + # Determine the tarball extension: + PEXT=$(echo "${2}" | sed -r -e 's/.*[^.].(tar.xz|tar.gz|tar.bz2|tgz).*/\1/') + case "$PEXT" in + "tar.xz") TARCOMP="J" ;; + "tar.gz") TARCOMP="z" ;; + "tgz") TARCOMP="z" ;; + "tar.bz2") TARCOMP="j" ;; + *) echo "Archive can only have extension 'tar.xz', '.tar.gz' '.tar.bz2' or '.tgz'" ; exit 1 ;; + esac + case ${1} in + 0) # mplayer + if [ "$(echo ${VERSION}|cut -c1)" == 'r' ]; then # revision instead of date + echo "Only supported VERSION is a date - yyyymmdd - or 'HEAD'" + else + REV="{${VERSION}}" + fi + mkdir MPlayer-${VERSION} \ + && cd MPlayer-${VERSION} \ + && svn checkout --revision $REV ${MPURI}/${MPBRANCH} . \ + && svn propget svn:externals | sed -e 's/[[:space:]].*$//g' | xargs svn up --revision $REV \ + && chown -R root:root . \ + && cd .. \ + && tar --exclude-vcs -${TARCOMP}cf ${2} MPlayer-${VERSION} + rm -rf MPlayer-${VERSION} + ;; + 2) # ffmpeg-${FFMPEG} + mkdir ffmpeg_temp_checkout_$$ \ + && cd ffmpeg_temp_checkout_$$ + echo "Checking out tag n$FFMPEG from '$FFURI':" + git clone ${FFURI} ffmpeg \ + && cd ffmpeg \ + && git checkout n$FFMPEG \ + && cd .. + chown -R root:root . \ + && tar --exclude-vcs -${TARCOMP}cf ${2} ffmpeg + cd .. + rm -rf ffmpeg_temp_checkout_$$ + ;; + *) # Do nothing + ;; + esac +} + +# Place to build (TMP) package (PKG) and output (OUTPUT) the program: +TMP=${TMP:-/tmp/build} +PKG=$TMP/package-$PRGNAM +OUTPUT=${OUTPUT:-/tmp} + +## +## --- with a little luck, you won't have to edit below this point --- ## +## + +# Exit the script on errors: +set -e +trap 'echo "$0 FAILED at line $LINENO!" | tee $OUTPUT/error-${PRGNAM}.log' ERR +# Catch unitialized variables: +set -u +P1=${1:-1} + +# Create working directories: +mkdir -p $TMP/tmp-$PRGNAM # location to build the source +rm -rf $TMP/tmp-$PRGNAM/* # remove the remnants of previous build +mkdir -p $PKG # place for the package to be built +rm -rf $PKG/* # erase old package's contents +mkdir -p $OUTPUT # place for the package to be saved + +# Source file availability: +for (( i = 0; i < ${#SOURCE[*]}; i++ )) ; do + if ! [ -f ${SOURCE[$i]} ]; then + echo "Source '$(basename ${SOURCE[$i]})' not available yet..." + # Check if the $SRCDIR is writable at all - if not, download to $OUTPUT + [ -w "$SRCDIR" ] || SOURCE[$i]="$OUTPUT/$(basename ${SOURCE[$i]})" + if ! [ "x${SRCURL[$i]}" == "x" ]; then + echo "Will download file to $(dirname $SOURCE[$i])" + wget -nv -T 20 -O "${SOURCE[$i]}" "${SRCURL[$i]}" || true + if [ $? -ne 0 -o ! -s "${SOURCE[$i]}" ]; then + echo "Downloading '$(basename ${SOURCE[$i]})' failed.. aborting the build." + mv -f "${SOURCE[$i]}" "${SOURCE[$i]}".FAIL + exit 1 + fi + else + # Try if we have a SVN/CVS download routine for ${SOURCE[$i]} + echo "Will checkout sources to $(dirname $SOURCE[$i])" + src_checkout $i "${SOURCE[$i]}" 2>&1 > $OUTPUT/checkout-$(basename ${SOURCE[$i]}).log + fi + if [ ! -f "${SOURCE[$i]}" -o ! -s "${SOURCE[$i]}" ]; then + echo "File '$(basename ${SOURCE[$i]})' not available.. aborting the build." + exit 1 + fi + fi +done + +if [ "$P1" == "--download" ]; then + echo "Download complete." + exit 0 +fi + +# --- PACKAGE BUILDING --- + +echo "++" +echo "|| $PRGNAM-$VERSION" +echo "++" + +cd $TMP/tmp-$PRGNAM +echo "Extracting the source archive(s) for $PRGNAM..." +tar -xvf ${SOURCE[0]} + +cd ${PRGNAM}-${VERSION} + # remove MPlayer's copy of libswscale + rm -rf ffmpeg + + # Extract the ffmpeg source inside the MPlayer directory: + tar -xvf ${SOURCE[2]} + + # in case we build with an official tarball + if [ -e "ffmpeg-$FFMPEG" ]; then + mv "ffmpeg-$FFMPEG" ffmpeg + fi + +cd .. + +chown -R root:root * +chmod -R u+w,go+r-w,a+X-s * +cd ${PRGNAM}-${VERSION} + +# Determine what X we're running (the modular X returns the prefix +# in the next command, while older versions stay silent): +XPREF=$(pkg-config --variable=prefix x11) || true +[ "$XPREF" == "" ] && XPREF='/usr/X11R6' + +# Remove support for patent encumbered and possibly illegal code: +if [ "$USE_PATENTS" != "YES" ]; then + DO_PATENTED="--disable-mp3lame --disable-mp3lame-lavc \ + --disable-libopencore_amrnb \ + --disable-libopencore_amrwb" +else + DO_PATENTED="" +fi + +echo Building ... +# MPlayer wants to automatically determine compiler flags, +# so we don't provide CFLAGS. +./configure \ + --prefix=/usr \ + --mandir=/usr/man \ + --confdir=/etc/mplayer \ + --enable-gui \ + --enable-menu \ + --disable-arts \ + --disable-bitmap-font \ + --codecsdir=${CODECSDIR} \ + --language="${LANGUAGES}" \ + ${EXTRACONFIGUREOPTIONS} \ + ${DO_PATENTED} \ + 2>&1 | tee $OUTPUT/configure-${PRGNAM}.log +# So that MPlayer does not report "UNKNOWN" as it's version: +if [ ! -f VERSION ]; then + echo $VERSION > VERSION +fi +make $NUMJOBS 2>&1 | tee $OUTPUT/make-${PRGNAM}.log +make DESTDIR=$PKG install 2>&1 |tee $OUTPUT/install-${PRGNAM}.log + +# Build the html documentation (not all languages are available): +if [ "$LANGUAGES" = "all" ]; then + # make html-chunked + make html-single +else + for i in $(echo $LANGUAGES | tr , ' ') ; do + # make html-chunked-$i ; + make html-single-$i ; + done +fi + +# Prepare the configfile: +mkdir -p $PKG/etc/mplayer +cp etc/example.conf $PKG/etc/mplayer/mplayer.conf.new + +# Install our default skin: +cd $PKG/usr/share/mplayer/skins +tar -xvf ${SOURCE[1]} +chown -R root:root * +chmod -R u+w,go+r-w,a+X-s * +ln -s ${DEFSKIN} default +cd - + +# Add this to the doinst.sh: +mkdir -p $PKG/install +cat <> $PKG/install/doinst.sh +# Handle the incoming configuration files: +config() { + for infile in \$1; do + NEW="\$infile" + OLD="\`dirname \$NEW\`/\`basename \$NEW .new\`" + # If there's no config file by that name, mv it over: + if [ ! -r \$OLD ]; then + mv \$NEW \$OLD + elif [ "\`cat \$OLD | md5sum\`" = "\`cat \$NEW | md5sum\`" ]; then + # toss the redundant copy + rm \$NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... + done +} + +# Installing a bitmap font is considered deprecated; use a TTF font instead. +# We try to link to an installed TTF font at install time. +# Configure a default TrueType font to use for the OSD : +if [ ! -f usr/share/mplayer/subfont.ttf ]; then + for font in ${OSDFONTS}; do + if [ -f .${XPREF}/lib${LIBDIRSUFFIX}/X11/fonts/TTF/\${font} ]; then + ( cd usr/share/mplayer/ + ln -sf ${XPREF}/lib${LIBDIRSUFFIX}/X11/fonts/TTF/\${font} subfont.ttf + ) + break + fi + done +fi + +# Prepare the new configuration file +config etc/mplayer/mplayer.conf.new + +# Update the desktop database: +if [ -x usr/bin/update-desktop-database ]; then + chroot . /usr/bin/update-desktop-database usr/share/applications 1> /dev/null 2> /dev/null +fi + +# Update hicolor theme cache: +if [ -e usr/share/icons/hicolor/icon-theme.cache ]; then + if [ -x usr/bin/gtk-update-icon-cache ]; then + chroot . /usr/bin/gtk-update-icon-cache /usr/share/icons/hicolor >/dev/null 2>&1 + fi +fi + +# Update the mime database: +if [ -x usr/bin/update-mime-database ]; then + chroot . /usr/bin/update-mime-database usr/share/mime >/dev/null 2>&1 +fi + +EOINS + +# Add documentation: +mkdir -p $PKG/usr/doc/$PRGNAM-$PKGVERSION +cp -a $DOCS $PKG/usr/doc/$PRGNAM-$PKGVERSION || true +cp -a $SRCDIR/$(basename $0) $PKG/usr/doc/$PRGNAM-$PKGVERSION/$PRGNAM.SlackBuild +mv $PKG/usr/doc/$PRGNAM-$PKGVERSION/HTML $PKG/usr/doc/$PRGNAM-$PKGVERSION/html +# Save a sample of all configuration files: +for i in etc/*.conf ; do + cp $i $PKG/usr/doc/$PRGNAM-$PKGVERSION/$(basename $i)-sample +done +# Save a transcript of all configured options for this specific build: +if [ -n $OUTPUT/configure-${PRGNAM}.log ]; then + cat $OUTPUT/configure-${PRGNAM}.log \ + | sed -n "/^Config files successfully generated/,/^'config.h' and 'config.mak' contain your configuration options./p" \ + > $PKG/usr/doc/$PRGNAM-$PKGVERSION/${PRGNAM}.configuration +fi +find $PKG/usr/doc -type f -exec chmod 644 {} \; + +# Compress the man page(s): +if [ -d $PKG/usr/man ]; then + find $PKG/usr/man -type f -name "*.?" -exec gzip -9f {} \; + for i in $(find $PKG/usr/man -type l -name "*.?") ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +fi + +# Strip binaries: +( find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null ) + +# Add a package description: +mkdir -p $PKG/install +cat $SRCDIR/slack-desc > $PKG/install/slack-desc +if [ -f $SRCDIR/doinst.sh ]; then + cat $SRCDIR/doinst.sh >> $PKG/install/doinst.sh +fi + +# Build the package: +cd $PKG +makepkg --linkadd y --chown n $OUTPUT/${PRGNAM}-${PKGVERSION}-${ARCH}-${BUILD}${TAG}.txz 2>&1 | tee $OUTPUT/makepkg-${PRGNAM}.log +cd $OUTPUT +md5sum ${PRGNAM}-${PKGVERSION}-${ARCH}-${BUILD}${TAG}.txz > ${PRGNAM}-${PKGVERSION}-${ARCH}-${BUILD}${TAG}.txz.md5 +cd - +cat $PKG/install/slack-desc | grep "^${PRGNAM}" > $OUTPUT/${PRGNAM}-${PKGVERSION}-${ARCH}-${BUILD}${TAG}.txt + diff --git a/patches/source/MPlayer/slack-desc b/patches/source/MPlayer/slack-desc new file mode 100644 index 00000000..033b4170 --- /dev/null +++ b/patches/source/MPlayer/slack-desc @@ -0,0 +1,20 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +MPlayer: MPlayer (Linux movie player) +MPlayer: +MPlayer: MPlayer is a movie player for Linux. It plays most MPEG, VOB, AVI, +MPlayer: Ogg/OGM, VIVO, ASF/WMA/WMV, QT/MOV/MP4, FLI, RM, NuppelVideo, +MPlayer: YUV4MPEG, FILM, RoQ, PVA files, supported by many native, XAnim, +MPlayer: and Win32 DLL codecs. You can watch VideoCD, SVCD, DVD, 3ivx, +MPlayer: DivX 3/4/5 and even WMV movies, too (without the avifile library). +MPlayer: MPlayer supports 10 types of subtitles formats: VobSub, +MPlayer: MicroDVD, SubRip, SubViewer, Sami, VPlayer, RT, SSA, AQTitle, MPsub. +MPlayer: +MPlayer: Homepage for MPLayer is http://www.mplayerhq.hu/ + diff --git a/patches/source/acl/acl.SlackBuild b/patches/source/acl/acl.SlackBuild new file mode 100755 index 00000000..1c058e46 --- /dev/null +++ b/patches/source/acl/acl.SlackBuild @@ -0,0 +1,120 @@ +#!/bin/sh + +# Copyright 2005-2011 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=acl +VERSION=2.2.50 +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-acl + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP + +rm -rf acl-$(echo $VERSION | cut -f 1 -d '-') +tar xzvf $CWD/acl-$VERSION.src.tar.gz || exit 1 +cd acl-$(echo $VERSION | cut -f 1 -d '-') || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Add DESTDIR support and improve docs install location: +zcat $CWD/acl.destdir.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit + +# Make sure you have the same version of autoconf as the +# developers did... ;-) +autoconf + +./configure \ + --prefix=/ \ + --exec-prefix=/ \ + --sbindir=/bin \ + --bindir=/usr/bin \ + --libdir=/lib${LIBDIRSUFFIX} \ + --libexecdir=/usr/lib${LIBDIRSUFFIX} \ + --includedir=/usr/include \ + --mandir=/usr/man \ + --datadir=/usr/share + +make || exit 1 +make install DESTDIR=$PKG +make install-dev DESTDIR=$PKG +make install-lib DESTDIR=$PKG + +mv $PKG/usr/share/doc $PKG/usr +( cd $PKG/usr/doc ; mv acl acl-$VERSION ) +#It would be nice to keep the same timestamps that the files have in the source: +cp -a \ + README doc/COPYING* doc/PORTING \ + $PKG/usr/doc/acl-$VERSION + +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) +strip -g $PKG/usr/lib${LIBDIRSUFFIX}/*.a + +# Remove bogus files: +rm -f $PKG/lib${LIBDIRSUFFIX}/*.a $PKG/lib${LIBDIRSUFFIX}/libacl.so $PKG/lib${LIBDIRSUFFIX}/*.la $PKG/usr/lib${LIBDIRSUFFIX}/*.la +# Make /usr/lib${LIBDIRSUFFIX}/libacl.so a symlink to /lib${LIBDIRSUFFIX}: +( cd $PKG/usr/lib${LIBDIRSUFFIX} + rm -f libacl.so + ln -sf /lib${LIBDIRSUFFIX}/libacl.so.1 libacl.so +) +# Fix shared library perms: +chmod 755 $PKG/lib${LIBDIRSUFFIX}/* + +# Gzip the man pages: +( cd $PKG/usr/man + for i in `find . -type l` ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done + gzip -9 */*.? +) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +makepkg -l y -c n $TMP/acl-$(echo $VERSION | tr - _ )-$ARCH-$BUILD.txz + diff --git a/patches/source/acl/acl.destdir.diff b/patches/source/acl/acl.destdir.diff new file mode 100644 index 00000000..aa4b42e8 --- /dev/null +++ b/patches/source/acl/acl.destdir.diff @@ -0,0 +1,36 @@ +--- ./include/builddefs.in.orig 2011-04-08 11:55:52.000000000 -0500 ++++ ./include/builddefs.in 2011-04-18 13:41:25.000000000 -0500 +@@ -28,14 +28,14 @@ + PKG_VERSION = @pkg_version@ + PKG_PLATFORM = @pkg_platform@ + PKG_DISTRIBUTION= @pkg_distribution@ +-PKG_BIN_DIR = @bindir@ +-PKG_SBIN_DIR = @sbindir@ +-PKG_LIB_DIR = @libdir@@libdirsuffix@ +-PKG_DEVLIB_DIR = @libexecdir@@libdirsuffix@ +-PKG_INC_DIR = @includedir@ +-PKG_MAN_DIR = @mandir@ +-PKG_DOC_DIR = @datadir@/doc/@pkg_name@ +-PKG_LOCALE_DIR = @datadir@/locale ++PKG_BIN_DIR = $(DESTDIR)@bindir@ ++PKG_SBIN_DIR = $(DESTDIR)@sbindir@ ++PKG_LIB_DIR = $(DESTDIR)@libdir@@libdirsuffix@ ++PKG_DEVLIB_DIR = $(DESTDIR)@libexecdir@@libdirsuffix@ ++PKG_INC_DIR = $(DESTDIR)@includedir@ ++PKG_MAN_DIR = $(DESTDIR)@mandir@ ++PKG_DOC_DIR = $(DESTDIR)@datadir@/doc/@pkg_name@ ++PKG_LOCALE_DIR = $(DESTDIR)@datadir@/locale + + CC = @cc@ + AWK = @awk@ +--- ./include/buildmacros.orig 2011-04-08 11:55:52.000000000 -0500 ++++ ./include/buildmacros 2011-04-18 13:41:54.000000000 -0500 +@@ -40,7 +40,7 @@ + $(LFILES:.l=.o) \ + $(YFILES:%.y=%.tab.o) + +-INSTALL = $(TOPDIR)/include/install-sh -o $(PKG_USER) -g $(PKG_GROUP) ++INSTALL = $(TOPDIR)/include/install-sh + + SHELL = /bin/sh + IMAGES_DIR = $(TOPDIR)/all-images diff --git a/patches/source/acl/slack-desc b/patches/source/acl/slack-desc new file mode 100644 index 00000000..93484df3 --- /dev/null +++ b/patches/source/acl/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +acl: acl (tools for using POSIX Access Control Lists) +acl: +acl: This package contains a set of tools and libraries for manipulating +acl: POSIX Access Control Lists. POSIX Access Control Lists (defined in +acl: POSIX 1003.1e draft standard 17) are used to define more fine-grained +acl: discretionary access rights for files and directories. +acl: +acl: +acl: +acl: Homepage: http://savannah.nongnu.org/projects/acl +acl: diff --git a/patches/source/apr-util/apr-util.SlackBuild b/patches/source/apr-util/apr-util.SlackBuild new file mode 100755 index 00000000..d1c9f2e4 --- /dev/null +++ b/patches/source/apr-util/apr-util.SlackBuild @@ -0,0 +1,124 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo apr-util-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-apr-util + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf apr-util-$VERSION +tar xvf $CWD/apr-util-$VERSION.tar.bz2 || exit 1 +cd apr-util-$VERSION + +# For now, this isn't working with svn (here, anyway) and is probably +# more trouble than it's worth. Could be a grey area in regards to +# licensing, too -- the Apache people say it's fine for third parties +# to link this and distribute the result, but there are usually some +# differing opinions when it comes to this sort of thing... +#( cd dbd ; lftpget http://apache.webthing.com/svn/apache/apr/apr_dbd_mysql.c ) +# --with-mysql=/usr \ +# + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-apr=/usr \ + --with-dbm=db44 \ + --with-berkeley-db \ + --disable-util-dso \ + --without-gdbm \ + --with-ldap \ + --disable-static \ + --without-sqlite2 \ + $ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make dox || exit 1 +make install DESTDIR=$PKG + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/apr-util-$VERSION +cp -a \ + INSTALL.MySQL LICENSE NOTICE \ + $PKG/usr/doc/apr-util-$VERSION + +# If there's a CHANGES file, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat CHANGES | head -n 1000 > $DOCSDIR/CHANGES + touch -r CHANGES $DOCSDIR/CHANGES +fi + +# This just seems like way too much stuff... +#mv docs/dox/html $PKG/usr/doc/apr-util-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/apr-util-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/apr-util/slack-desc b/patches/source/apr-util/slack-desc new file mode 100644 index 00000000..cec19063 --- /dev/null +++ b/patches/source/apr-util/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +apr-util: apr-util (Apache Portable Runtime utilities) +apr-util: +apr-util: The mission of the Apache Portable Runtime (APR) is to provide a +apr-util: free library of C data structures and routines, forming a system +apr-util: portability layer to as many operating systems as possible. +apr-util: +apr-util: This package contains additional utility interfaces for APR; +apr-util: including support for XML, LDAP, database interfaces, URI parsing, +apr-util: and more. +apr-util: +apr-util: diff --git a/patches/source/apr/apr.SlackBuild b/patches/source/apr/apr.SlackBuild new file mode 100755 index 00000000..125e5677 --- /dev/null +++ b/patches/source/apr/apr.SlackBuild @@ -0,0 +1,110 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo apr-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-apr + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf apr-$VERSION +tar xvf $CWD/apr-$VERSION.tar.bz2 || exit 1 +cd apr-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-installbuilddir=/usr/lib${LIBDIRSUFFIX}/apr-${VERSION}/build-1 \ + --disable-static \ + --with-devrandom=/dev/urandom \ + $ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make dox || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/apr-$VERSION +cp -a \ + LICENSE NOTICE README.dev \ + $PKG/usr/doc/apr-$VERSION + +# If there's a CHANGES file, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat CHANGES | head -n 1000 > $DOCSDIR/CHANGES + touch -r CHANGES $DOCSDIR/CHANGES +fi + +# This just seems like way too much stuff... +#mv docs/dox/html $PKG/usr/doc/apr-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/apr-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/apr/slack-desc b/patches/source/apr/slack-desc new file mode 100644 index 00000000..2e52660d --- /dev/null +++ b/patches/source/apr/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +apr: apr (Apache Portable Runtime) +apr: +apr: The mission of the Apache Portable Runtime (APR) is to provide a +apr: free library of C data structures and routines, forming a system +apr: portability layer to as many operating systems as possible. +apr: +apr: +apr: +apr: +apr: +apr: diff --git a/patches/source/bash/bash-4.1-patches/bash41-001 b/patches/source/bash/bash-4.1-patches/bash41-001 new file mode 100644 index 00000000..758e1fa4 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-001 @@ -0,0 +1,48 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-001 + +Bug-Reported-by: Yann Rouillard +Bug-Reference-ID: <4B44A410.4070107@pleiades.fr.eu.org> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-01/msg00018.html + +Bug-Description: + +A prototype for vsnprintf was incorrect, and caused compilation failures +on systems that did not have a suitable vsnprintf, but had a declaration in +one of the system header files. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/builtins/printf.def 2009-11-20 15:31:23.000000000 -0500 +--- builtins/printf.def 2010-01-07 08:50:06.000000000 -0500 +*************** +*** 173,177 **** + + #if !HAVE_VSNPRINTF +! extern int vsnprintf __P((char *, size_t, const char *, ...)) __attribute__((__format__ (printf, 3, 4))); + #endif + +--- 173,177 ---- + + #if !HAVE_VSNPRINTF +! extern int vsnprintf __P((char *, size_t, const char *, va_list)) __attribute__((__format__ (printf, 3, 0))); + #endif + +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 0 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 1 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-002 b/patches/source/bash/bash-4.1-patches/bash41-002 new file mode 100644 index 00000000..a1151985 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-002 @@ -0,0 +1,65 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-002 + +Bug-Reported-by: guillaume.outters@free.fr +Bug-Reference-ID: <20100105230441.70D171AA7F52@asterix.local> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-01/msg00017.html + +Bug-Description: + +Bash-4.1/Readline-6.1 introduced a hook function that allows applications +to rewrite or modify filenames read from the file system before comparing +them with a word to be completed. The converted filename, if it matches, +needs to be inserted into the line buffer, replacing the original contents. + +This fixes a completion bug on Mac OS X involving filenames containing +UTF-8 characters. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/lib/readline/complete.c 2009-11-29 18:39:30.000000000 -0500 +--- lib/readline/complete.c 2010-01-06 08:30:23.000000000 -0500 +*************** +*** 2139,2143 **** + if (filename_len == 0) + { +! if (_rl_match_hidden_files == 0 && HIDDEN_FILE (entry->d_name)) + continue; + +--- 2139,2143 ---- + if (filename_len == 0) + { +! if (_rl_match_hidden_files == 0 && HIDDEN_FILE (convfn)) + continue; + +*************** +*** 2220,2224 **** + } + +! strcpy (temp + dirlen, entry->d_name); + } + else +--- 2220,2224 ---- + } + +! strcpy (temp + dirlen, convfn); + } + else +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 1 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 2 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-003 b/patches/source/bash/bash-4.1-patches/bash41-003 new file mode 100644 index 00000000..479fdcd9 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-003 @@ -0,0 +1,48 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-003 + +Bug-Reported-by: coyote@wariat.org.pl +Bug-Reference-ID: <4b64a1f8.06e2660a.60af.4bfb@mx.google.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-01/msg00135.html + +Bug-Description: + +If command completion is attempted on a word with a quoted globbing +character (e.g., `*' or `?'), bash can reference a NULL pointer and +dump core. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/bashline.c 2009-10-24 14:10:19.000000000 -0400 +--- bashline.c 2010-01-30 21:53:49.000000000 -0500 +*************** +*** 1681,1685 **** + characters in the common prefix are bad) will ever be returned on + regular completion. */ +! if (glob_pattern_p (hint)) + { + if (state == 0) +--- 1681,1685 ---- + characters in the common prefix are bad) will ever be returned on + regular completion. */ +! if (globpat) + { + if (state == 0) +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 2 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 3 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-004 b/patches/source/bash/bash-4.1-patches/bash41-004 new file mode 100644 index 00000000..33f79bb7 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-004 @@ -0,0 +1,47 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-004 + +Bug-Reported-by: Crestez Dan Leonard +Bug-Reference-ID: <1265592839.30682.21.camel@deskbox> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-02/msg00034.html + +Bug-Description: + +When running in Posix mode and executing a shell function without local +variables, bash will not propagate a variable in a special builtin's temporary +environment to have global scope. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/variables.c 2009-11-03 14:13:58.000000000 -0500 +--- variables.c 2010-02-08 17:36:18.000000000 -0500 +*************** +*** 3809,3812 **** +--- 3809,3817 ---- + if (tempvar_p (var) && (posixly_correct || (var->attributes & att_propagate))) + { ++ /* Make sure we have a hash table to store the variable in while it is ++ being propagated down to the global variables table. Create one if ++ we have to */ ++ if ((vc_isfuncenv (shell_variables) || vc_istempenv (shell_variables)) && shell_variables->table == 0) ++ shell_variables->table = hash_create (0); + /* XXX - should we set v->context here? */ + v = bind_variable_internal (var->name, value_cell (var), shell_variables->table, 0, 0); +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 3 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 4 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-005 b/patches/source/bash/bash-4.1-patches/bash41-005 new file mode 100644 index 00000000..8a2fec8a --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-005 @@ -0,0 +1,56 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-005 + +Bug-Reported-by: werner@suse.de +Bug-Reference-ID: <201002251238.o1PCcYcg016893@boole.suse.de> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-02/msg00132.html + +Bug-Description: + +When the `read' builtin times out after the timeout specified with -t is +exceeded, it does not reset the flags that tell signal handlers to process +signals immediately instead of deferring their handling. This can result +in unsafe functions being called from signal handlers, which can cause bash +to hang or dump core. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/builtins/read.def 2009-10-08 11:35:46.000000000 -0400 +--- builtins/read.def 2010-03-17 17:35:39.000000000 -0400 +*************** +*** 616,621 **** + zsyncfd (fd); + +- interrupt_immediately--; +- terminate_immediately--; + discard_unwind_frame ("read_builtin"); + +--- 616,619 ---- +*************** +*** 624,627 **** +--- 622,628 ---- + assign_vars: + ++ interrupt_immediately--; ++ terminate_immediately--; ++ + #if defined (ARRAY_VARS) + /* If -a was given, take the string read, break it into a list of words, +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 4 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 5 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-006 b/patches/source/bash/bash-4.1-patches/bash41-006 new file mode 100644 index 00000000..d6553b8b --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-006 @@ -0,0 +1,76 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-006 + +Bug-Reported-by: Mike Frysinger +Bug-Reference-ID: <201003210155.56618.vapier@gentoo.org> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-03/msg00063.html + +Bug-Description: + +Bash did not correctly print/reproduce here documents attached to commands +inside compound commands such as for and while. This affected the +execution of such commands inside a shell function when the function +definition is saved and later restored using `.' or `eval'. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/print_cmd.c 2009-09-16 15:32:26.000000000 -0400 +--- print_cmd.c 2010-03-22 21:15:30.000000000 -0400 +*************** +*** 114,117 **** +--- 114,123 ---- + #define CHECK_XTRACE_FP xtrace_fp = (xtrace_fp ? xtrace_fp : stderr) + ++ #define PRINT_DEFERRED_HEREDOCS(x) \ ++ do { \ ++ if (deferred_heredocs) \ ++ print_deferred_heredocs (x); \ ++ } while (0) ++ + /* Non-zero means the stuff being printed is inside of a function def. */ + static int inside_function_def; +*************** +*** 561,571 **** + { + print_for_command_head (for_command); +- + cprintf (";"); + newline ("do\n"); + indentation += indentation_amount; + make_command_string_internal (for_command->action); + semicolon (); + indentation -= indentation_amount; + newline ("done"); + } +--- 566,578 ---- + { + print_for_command_head (for_command); + cprintf (";"); + newline ("do\n"); ++ + indentation += indentation_amount; + make_command_string_internal (for_command->action); ++ PRINT_DEFERRED_HEREDOCS (""); + semicolon (); + indentation -= indentation_amount; ++ + newline ("done"); + } +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 5 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 6 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-007 b/patches/source/bash/bash-4.1-patches/bash41-007 new file mode 100644 index 00000000..07b4796c --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-007 @@ -0,0 +1,47 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-007 + +Bug-Reported-by: Rob Robason +Bug-Reference-ID: <1269513145.22336.9.camel@home.robason.homelinux.net> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-03/msg00089.html + +Bug-Description: + +A typo caused bash to not honor a precision specification in a printf +format. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/builtins/printf.def 2010-01-18 10:50:22.000000000 -0500 +--- builtins/printf.def 2010-03-25 09:40:56.000000000 -0400 +*************** +*** 118,122 **** + nw = vflag ? vbprintf (f, fieldwidth, func) : printf (f, fieldwidth, func); \ + else if (have_precision) \ +! nw = vflag ? vbprintf (f, precision, func) : printf (f, fieldwidth, func); \ + else \ + nw = vflag ? vbprintf (f, func) : printf (f, func); \ +--- 118,122 ---- + nw = vflag ? vbprintf (f, fieldwidth, func) : printf (f, fieldwidth, func); \ + else if (have_precision) \ +! nw = vflag ? vbprintf (f, precision, func) : printf (f, precision, func); \ + else \ + nw = vflag ? vbprintf (f, func) : printf (f, func); \ +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 6 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 7 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-008 b/patches/source/bash/bash-4.1-patches/bash41-008 new file mode 100644 index 00000000..2bec4de4 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-008 @@ -0,0 +1,49 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-008 + +Bug-Reported-by: Dennis van Dok +Bug-Reference-ID: <4BBF2501.5050703@gmail.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-04/msg00038.html + +Bug-Description: + +When declaring an associative array and implicitly assigning a value +to element "0", bash does not correctly allocate memory, leading to +a segmentation violation when that element or the array itself is +unset. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/builtins/declare.def 2009-11-25 19:42:00.000000000 -0500 +--- builtins/declare.def 2010-05-30 18:25:21.000000000 -0400 +*************** +*** 513,517 **** + /* let bind_{array,assoc}_variable take care of this. */ + if (assoc_p (var)) +! bind_assoc_variable (var, name, "0", value, aflags); + else + bind_array_variable (name, 0, value, aflags); +--- 519,523 ---- + /* let bind_{array,assoc}_variable take care of this. */ + if (assoc_p (var)) +! bind_assoc_variable (var, name, savestring ("0"), value, aflags); + else + bind_array_variable (name, 0, value, aflags); +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 7 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 8 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-009 b/patches/source/bash/bash-4.1-patches/bash41-009 new file mode 100644 index 00000000..ae0f1e3e --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-009 @@ -0,0 +1,48 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-009 + +Bug-Reported-by: Tomas Trnka +Bug-Reference-ID: <201003242030.02166.tomastrnka@gmx.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-03/msg00090.html + +Bug-Description: + +An arriving SIGCHLD will interrupt `slow' system calls such as write(2) to +or read(2) from a terminal. This results in an error message and truncated +input or output. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/sig.c Fri Aug 14 16:31:52 2009 +--- sig.c Fri Mar 26 22:34:11 2010 +*************** +*** 655,660 **** +--- 655,663 ---- + act.sa_flags |= SA_INTERRUPT; /* XXX */ + else + act.sa_flags |= SA_RESTART; /* XXX */ ++ #else ++ if (sig == SIGCHLD) ++ act.sa_flags |= SA_RESTART; + #endif + sigemptyset (&act.sa_mask); + sigemptyset (&oact.sa_mask); +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 8 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 9 + + #endif /* _PATCHLEVEL_H_ */ + diff --git a/patches/source/bash/bash-4.1-patches/bash41-010 b/patches/source/bash/bash-4.1-patches/bash41-010 new file mode 100644 index 00000000..b5a4b615 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-010 @@ -0,0 +1,68 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-010 + +Bug-Reported-by: Stephane Jourdois +Bug-Reference-ID: +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-05/msg00165.html + +Bug-Description: + +The expansion of the \W prompt string escape sequence incorrectly used +strcpy to copy overlapping strings. Only memmove works in this case. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/parse.y 2009-12-30 12:51:42.000000000 -0500 +--- parse.y 2011-02-24 16:40:48.000000000 -0500 +*************** +*** 5153,5157 **** + t = strrchr (t_string, '/'); + if (t) +! strcpy (t_string, t + 1); + } + } +--- 5153,5157 ---- + t = strrchr (t_string, '/'); + if (t) +! memmove (t_string, t + 1, strlen (t)); + } + } +*** ../bash-4.1-patched/y.tab.c 2009-12-30 12:52:02.000000000 -0500 +--- y.tab.c 2011-02-24 16:50:27.000000000 -0500 +*************** +*** 7482,7486 **** + t = strrchr (t_string, '/'); + if (t) +! strcpy (t_string, t + 1); + } + } +--- 7482,7486 ---- + t = strrchr (t_string, '/'); + if (t) +! memmove (t_string, t + 1, strlen (t)); + } + } +*************** +*** 8244,8246 **** + } + #endif /* HANDLE_MULTIBYTE */ +- +--- 8244,8245 ---- +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 9 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 10 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-011 b/patches/source/bash/bash-4.1-patches/bash41-011 new file mode 100644 index 00000000..050da955 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-011 @@ -0,0 +1,86 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-011 + +Bug-Reported-by: +Bug-Reference-ID: <4DAAC0DB.7060606@piumalab.org> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2011-04/msg00075.html + +Bug-Description: + +Under certain circumstances, running `fc -l' two times in succession with a +relative history offset at the end of the history will result in an incorrect +calculation of the last history entry and a seg fault. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/builtins/fc.def 2009-03-21 14:03:43.000000000 -0400 +--- builtins/fc.def 2011-04-19 15:46:17.000000000 -0400 +*************** +*** 304,307 **** +--- 304,317 ---- + last_hist = i - rh - hist_last_line_added; + ++ /* XXX */ ++ if (i == last_hist && hlist[last_hist] == 0) ++ while (last_hist >= 0 && hlist[last_hist] == 0) ++ last_hist--; ++ if (last_hist < 0) ++ { ++ sh_erange ((char *)NULL, _("history specification")); ++ return (EXECUTION_FAILURE); ++ } ++ + if (list) + { +*************** +*** 466,470 **** + { + int sign, n, clen, rh; +! register int i, j; + register char *s; + +--- 476,480 ---- + { + int sign, n, clen, rh; +! register int i, j, last_hist; + register char *s; + +*************** +*** 486,490 **** + calculation as if it were on. */ + rh = remember_on_history || ((subshell_environment & SUBSHELL_COMSUB) && enable_history_list); +! i -= rh + hist_last_line_added; + + /* No specification defaults to most recent command. */ +--- 496,508 ---- + calculation as if it were on. */ + rh = remember_on_history || ((subshell_environment & SUBSHELL_COMSUB) && enable_history_list); +! last_hist = i - rh - hist_last_line_added; +! +! if (i == last_hist && hlist[last_hist] == 0) +! while (last_hist >= 0 && hlist[last_hist] == 0) +! last_hist--; +! if (last_hist < 0) +! return (-1); +! +! i = last_hist; + + /* No specification defaults to most recent command. */ +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 10 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 11 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-012 b/patches/source/bash/bash-4.1-patches/bash41-012 new file mode 100644 index 00000000..17464c07 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-012 @@ -0,0 +1,104 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-012 + +Bug-Reported-by: Stephane Chazelas +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +Under certain circumstances, bash will execute user code while processing the +environment for exported function definitions. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1.11/builtins/common.h 2009-12-22 16:30:42.000000000 -0500 +--- builtins/common.h 2014-09-16 19:27:38.000000000 -0400 +*************** +*** 36,39 **** +--- 36,41 ---- + + /* Flags for describe_command, shared between type.def and command.def */ ++ #define SEVAL_FUNCDEF 0x080 /* only allow function definitions */ ++ #define SEVAL_ONECMD 0x100 /* only allow a single command */ + #define CDESC_ALL 0x001 /* type -a */ + #define CDESC_SHORTDESC 0x002 /* command -V */ +*** ../bash-4.1.11/builtins/evalstring.c 2009-10-17 21:18:50.000000000 -0400 +--- builtins/evalstring.c 2014-09-16 19:27:38.000000000 -0400 +*************** +*** 262,265 **** +--- 262,273 ---- + struct fd_bitmap *bitmap; + ++ if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def) ++ { ++ internal_warning ("%s: ignoring function definition attempt", from_file); ++ should_jump_to_top_level = 0; ++ last_result = last_command_exit_value = EX_BADUSAGE; ++ break; ++ } ++ + bitmap = new_fd_bitmap (FD_BITMAP_SIZE); + begin_unwind_frame ("pe_dispose"); +*************** +*** 322,325 **** +--- 330,336 ---- + dispose_fd_bitmap (bitmap); + discard_unwind_frame ("pe_dispose"); ++ ++ if (flags & SEVAL_ONECMD) ++ break; + } + } +*** ../bash-4.1.11/variables.c 2010-03-26 12:15:39.000000000 -0400 +--- variables.c 2014-09-16 19:27:38.000000000 -0400 +*************** +*** 348,357 **** + strcpy (temp_string + char_index + 1, string); + +! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST); +! +! /* Ancient backwards compatibility. Old versions of bash exported +! functions like name()=() {...} */ +! if (name[char_index - 1] == ')' && name[char_index - 2] == '(') +! name[char_index - 2] = '\0'; + + if (temp_var = find_function (name)) +--- 348,355 ---- + strcpy (temp_string + char_index + 1, string); + +! /* Don't import function names that are invalid identifiers from the +! environment. */ +! if (legal_identifier (name)) +! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); + + if (temp_var = find_function (name)) +*************** +*** 362,369 **** + else + report_error (_("error importing function definition for `%s'"), name); +- +- /* ( */ +- if (name[char_index - 1] == ')' && name[char_index - 2] == '\0') +- name[char_index - 2] = '('; /* ) */ + } + #if defined (ARRAY_VARS) +--- 360,363 ---- +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 11 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 12 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-013 b/patches/source/bash/bash-4.1-patches/bash41-013 new file mode 100644 index 00000000..7a93dacd --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-013 @@ -0,0 +1,43 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-013 + +Bug-Reported-by: Tavis Ormandy +Bug-Reference-ID: +Bug-Reference-URL: http://twitter.com/taviso/statuses/514887394294652929 + +Bug-Description: + +Under certain circumstances, bash can incorrectly save a lookahead character and +return it on a subsequent call, even when reading a new line. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1.12/parse.y 2011-02-24 19:41:01.000000000 -0500 +--- parse.y 2014-09-25 16:13:57.000000000 -0400 +*************** +*** 2812,2815 **** +--- 2812,2817 ---- + word_desc_to_read = (WORD_DESC *)NULL; + ++ eol_ungetc_lookahead = 0; ++ + current_token = '\n'; /* XXX */ + last_read_token = '\n'; +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 12 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 13 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-014 b/patches/source/bash/bash-4.1-patches/bash41-014 new file mode 100644 index 00000000..87a57be7 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-014 @@ -0,0 +1,217 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-014 + +Bug-Reported-by: Florian Weimer +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +This patch changes the encoding bash uses for exported functions to avoid +clashes with shell variables and to avoid depending only on an environment +variable's contents to determine whether or not to interpret it as a shell +function. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1.13/variables.c 2014-09-16 19:27:38.000000000 -0400 +--- variables.c 2014-09-27 20:57:46.000000000 -0400 +*************** +*** 80,83 **** +--- 80,88 ---- + #define ifsname(s) ((s)[0] == 'I' && (s)[1] == 'F' && (s)[2] == 'S' && (s)[3] == '\0') + ++ #define BASHFUNC_PREFIX "BASH_FUNC_" ++ #define BASHFUNC_PREFLEN 10 /* == strlen(BASHFUNC_PREFIX */ ++ #define BASHFUNC_SUFFIX "%%" ++ #define BASHFUNC_SUFFLEN 2 /* == strlen(BASHFUNC_SUFFIX) */ ++ + extern char **environ; + +*************** +*** 269,273 **** + static void dispose_temporary_env __P((sh_free_func_t *)); + +! static inline char *mk_env_string __P((const char *, const char *)); + static char **make_env_array_from_var_list __P((SHELL_VAR **)); + static char **make_var_export_array __P((VAR_CONTEXT *)); +--- 274,278 ---- + static void dispose_temporary_env __P((sh_free_func_t *)); + +! static inline char *mk_env_string __P((const char *, const char *, int)); + static char **make_env_array_from_var_list __P((SHELL_VAR **)); + static char **make_var_export_array __P((VAR_CONTEXT *)); +*************** +*** 339,357 **** + /* If exported function, define it now. Don't import functions from + the environment in privileged mode. */ +! if (privmode == 0 && read_but_dont_execute == 0 && STREQN ("() {", string, 4)) + { + string_length = strlen (string); +! temp_string = (char *)xmalloc (3 + string_length + char_index); + +! strcpy (temp_string, name); +! temp_string[char_index] = ' '; +! strcpy (temp_string + char_index + 1, string); + + /* Don't import function names that are invalid identifiers from the + environment. */ +! if (legal_identifier (name)) +! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); + +! if (temp_var = find_function (name)) + { + VSETATTR (temp_var, (att_exported|att_imported)); +--- 344,373 ---- + /* If exported function, define it now. Don't import functions from + the environment in privileged mode. */ +! if (privmode == 0 && read_but_dont_execute == 0 && +! STREQN (BASHFUNC_PREFIX, name, BASHFUNC_PREFLEN) && +! STREQ (BASHFUNC_SUFFIX, name + char_index - BASHFUNC_SUFFLEN) && +! STREQN ("() {", string, 4)) + { ++ size_t namelen; ++ char *tname; /* desired imported function name */ ++ ++ namelen = char_index - BASHFUNC_PREFLEN - BASHFUNC_SUFFLEN; ++ ++ tname = name + BASHFUNC_PREFLEN; /* start of func name */ ++ tname[namelen] = '\0'; /* now tname == func name */ ++ + string_length = strlen (string); +! temp_string = (char *)xmalloc (namelen + string_length + 2); + +! memcpy (temp_string, tname, namelen); +! temp_string[namelen] = ' '; +! memcpy (temp_string + namelen + 1, string, string_length + 1); + + /* Don't import function names that are invalid identifiers from the + environment. */ +! if (absolute_program (tname) == 0 && (posixly_correct == 0 || legal_identifier (tname))) +! parse_and_execute (temp_string, tname, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); + +! if (temp_var = find_function (tname)) + { + VSETATTR (temp_var, (att_exported|att_imported)); +*************** +*** 359,363 **** + } + else +! report_error (_("error importing function definition for `%s'"), name); + } + #if defined (ARRAY_VARS) +--- 375,382 ---- + } + else +! report_error (_("error importing function definition for `%s'"), tname); +! +! /* Restore original suffix */ +! tname[namelen] = BASHFUNC_SUFFIX[0]; + } + #if defined (ARRAY_VARS) +*************** +*** 2520,2524 **** + + INVALIDATE_EXPORTSTR (var); +! var->exportstr = mk_env_string (name, value); + + array_needs_making = 1; +--- 2539,2543 ---- + + INVALIDATE_EXPORTSTR (var); +! var->exportstr = mk_env_string (name, value, 0); + + array_needs_making = 1; +*************** +*** 3339,3357 **** + + static inline char * +! mk_env_string (name, value) + const char *name, *value; + { +! int name_len, value_len; +! char *p; + + name_len = strlen (name); + value_len = STRLEN (value); +! p = (char *)xmalloc (2 + name_len + value_len); +! strcpy (p, name); +! p[name_len] = '='; + if (value && *value) +! strcpy (p + name_len + 1, value); + else +! p[name_len + 1] = '\0'; + return (p); + } +--- 3358,3397 ---- + + static inline char * +! mk_env_string (name, value, isfunc) + const char *name, *value; ++ int isfunc; + { +! size_t name_len, value_len; +! char *p, *q; + + name_len = strlen (name); + value_len = STRLEN (value); +! +! /* If we are exporting a shell function, construct the encoded function +! name. */ +! if (isfunc && value) +! { +! p = (char *)xmalloc (BASHFUNC_PREFLEN + name_len + BASHFUNC_SUFFLEN + value_len + 2); +! q = p; +! memcpy (q, BASHFUNC_PREFIX, BASHFUNC_PREFLEN); +! q += BASHFUNC_PREFLEN; +! memcpy (q, name, name_len); +! q += name_len; +! memcpy (q, BASHFUNC_SUFFIX, BASHFUNC_SUFFLEN); +! q += BASHFUNC_SUFFLEN; +! } +! else +! { +! p = (char *)xmalloc (2 + name_len + value_len); +! memcpy (p, name, name_len); +! q = p + name_len; +! } +! +! q[0] = '='; + if (value && *value) +! memcpy (q + 1, value, value_len + 1); + else +! q[1] = '\0'; +! + return (p); + } +*************** +*** 3439,3443 **** + using the cached exportstr... */ + list[list_index] = USE_EXPORTSTR ? savestring (value) +! : mk_env_string (var->name, value); + + if (USE_EXPORTSTR == 0) +--- 3479,3483 ---- + using the cached exportstr... */ + list[list_index] = USE_EXPORTSTR ? savestring (value) +! : mk_env_string (var->name, value, function_p (var)); + + if (USE_EXPORTSTR == 0) +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 13 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 14 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-015 b/patches/source/bash/bash-4.1-patches/bash41-015 new file mode 100644 index 00000000..c7af80f0 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-015 @@ -0,0 +1,173 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-015 + +Bug-Reported-by: Florian Weimer +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +There are two local buffer overflows in parse.y that can cause the shell +to dump core when given many here-documents attached to a single command +or many nested loops. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1.14/parse.y 2014-09-27 12:18:25.000000000 -0400 +--- parse.y 2014-09-30 19:36:03.000000000 -0400 +*************** +*** 168,171 **** +--- 168,174 ---- + static int reserved_word_acceptable __P((int)); + static int yylex __P((void)); ++ ++ static void push_heredoc __P((REDIRECT *)); ++ static char *mk_alexpansion __P((char *)); + static int alias_expand_token __P((char *)); + static int time_command_acceptable __P((void)); +*************** +*** 262,266 **** + /* Variables to manage the task of reading here documents, because we need to + defer the reading until after a complete command has been collected. */ +! static REDIRECT *redir_stack[10]; + int need_here_doc; + +--- 265,271 ---- + /* Variables to manage the task of reading here documents, because we need to + defer the reading until after a complete command has been collected. */ +! #define HEREDOC_MAX 16 +! +! static REDIRECT *redir_stack[HEREDOC_MAX]; + int need_here_doc; + +*************** +*** 304,308 **** + index is decremented after a case, select, or for command is parsed. */ + #define MAX_CASE_NEST 128 +! static int word_lineno[MAX_CASE_NEST]; + static int word_top = -1; + +--- 309,313 ---- + index is decremented after a case, select, or for command is parsed. */ + #define MAX_CASE_NEST 128 +! static int word_lineno[MAX_CASE_NEST+1]; + static int word_top = -1; + +*************** +*** 517,521 **** + redir.filename = $2; + $$ = make_redirection (source, r_reading_until, redir, 0); +! redir_stack[need_here_doc++] = $$; + } + | NUMBER LESS_LESS WORD +--- 522,526 ---- + redir.filename = $2; + $$ = make_redirection (source, r_reading_until, redir, 0); +! push_heredoc ($$); + } + | NUMBER LESS_LESS WORD +*************** +*** 524,528 **** + redir.filename = $3; + $$ = make_redirection (source, r_reading_until, redir, 0); +! redir_stack[need_here_doc++] = $$; + } + | REDIR_WORD LESS_LESS WORD +--- 529,533 ---- + redir.filename = $3; + $$ = make_redirection (source, r_reading_until, redir, 0); +! push_heredoc ($$); + } + | REDIR_WORD LESS_LESS WORD +*************** +*** 531,535 **** + redir.filename = $3; + $$ = make_redirection (source, r_reading_until, redir, REDIR_VARASSIGN); +! redir_stack[need_here_doc++] = $$; + } + | LESS_LESS_MINUS WORD +--- 536,540 ---- + redir.filename = $3; + $$ = make_redirection (source, r_reading_until, redir, REDIR_VARASSIGN); +! push_heredoc ($$); + } + | LESS_LESS_MINUS WORD +*************** +*** 538,542 **** + redir.filename = $2; + $$ = make_redirection (source, r_deblank_reading_until, redir, 0); +! redir_stack[need_here_doc++] = $$; + } + | NUMBER LESS_LESS_MINUS WORD +--- 543,547 ---- + redir.filename = $2; + $$ = make_redirection (source, r_deblank_reading_until, redir, 0); +! push_heredoc ($$); + } + | NUMBER LESS_LESS_MINUS WORD +*************** +*** 545,549 **** + redir.filename = $3; + $$ = make_redirection (source, r_deblank_reading_until, redir, 0); +! redir_stack[need_here_doc++] = $$; + } + | REDIR_WORD LESS_LESS_MINUS WORD +--- 550,554 ---- + redir.filename = $3; + $$ = make_redirection (source, r_deblank_reading_until, redir, 0); +! push_heredoc ($$); + } + | REDIR_WORD LESS_LESS_MINUS WORD +*************** +*** 552,556 **** + redir.filename = $3; + $$ = make_redirection (source, r_deblank_reading_until, redir, REDIR_VARASSIGN); +! redir_stack[need_here_doc++] = $$; + } + | LESS_LESS_LESS WORD +--- 557,561 ---- + redir.filename = $3; + $$ = make_redirection (source, r_deblank_reading_until, redir, REDIR_VARASSIGN); +! push_heredoc ($$); + } + | LESS_LESS_LESS WORD +*************** +*** 2508,2511 **** +--- 2513,2531 ---- + static int esacs_needed_count; + ++ static void ++ push_heredoc (r) ++ REDIRECT *r; ++ { ++ if (need_here_doc >= HEREDOC_MAX) ++ { ++ last_command_exit_value = EX_BADUSAGE; ++ need_here_doc = 0; ++ report_syntax_error (_("maximum here-document count exceeded")); ++ reset_parser (); ++ exit_shell (last_command_exit_value); ++ } ++ redir_stack[need_here_doc++] = r; ++ } ++ + void + gather_here_documents () +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 14 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 15 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-016 b/patches/source/bash/bash-4.1-patches/bash41-016 new file mode 100644 index 00000000..ff1ce9cd --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-016 @@ -0,0 +1,59 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-016 + +Bug-Reported-by: Michal Zalewski +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +When bash is parsing a function definition that contains a here-document +delimited by end-of-file (or end-of-string), it leaves the closing delimiter +uninitialized. This can result in an invalid memory access when the parsed +function is later copied. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1.15/make_cmd.c 2009-09-11 17:26:12.000000000 -0400 +--- make_cmd.c 2014-10-02 11:29:35.000000000 -0400 +*************** +*** 690,693 **** +--- 690,694 ---- + temp->redirector = source; + temp->redirectee = dest_and_filename; ++ temp->here_doc_eof = 0; + temp->instruction = instruction; + temp->flags = 0; +*** ../bash-4.1.15/copy_cmd.c 2009-09-11 16:28:02.000000000 -0400 +--- copy_cmd.c 2014-10-02 11:29:35.000000000 -0400 +*************** +*** 127,131 **** + case r_reading_until: + case r_deblank_reading_until: +! new_redirect->here_doc_eof = savestring (redirect->here_doc_eof); + /*FALLTHROUGH*/ + case r_reading_string: +--- 127,131 ---- + case r_reading_until: + case r_deblank_reading_until: +! new_redirect->here_doc_eof = redirect->here_doc_eof ? savestring (redirect->here_doc_eof) : 0; + /*FALLTHROUGH*/ + case r_reading_string: +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 15 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 16 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-017 b/patches/source/bash/bash-4.1-patches/bash41-017 new file mode 100644 index 00000000..22a9336f --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-017 @@ -0,0 +1,132 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-017 + +Bug-Reported-by: Michal Zalewski +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +A combination of nested command substitutions and function importing from +the environment can cause bash to execute code appearing in the environment +variable value following the function definition. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1.16/builtins/evalstring.c 2014-09-16 19:27:38.000000000 -0400 +--- builtins/evalstring.c 2014-10-04 15:08:26.000000000 -0400 +*************** +*** 262,271 **** + struct fd_bitmap *bitmap; + +! if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def) + { +! internal_warning ("%s: ignoring function definition attempt", from_file); +! should_jump_to_top_level = 0; +! last_result = last_command_exit_value = EX_BADUSAGE; +! break; + } + +--- 262,284 ---- + struct fd_bitmap *bitmap; + +! if (flags & SEVAL_FUNCDEF) + { +! char *x; +! +! /* If the command parses to something other than a straight +! function definition, or if we have not consumed the entire +! string, or if the parser has transformed the function +! name (as parsing will if it begins or ends with shell +! whitespace, for example), reject the attempt */ +! if (command->type != cm_function_def || +! ((x = parser_remaining_input ()) && *x) || +! (STREQ (from_file, command->value.Function_def->name->word) == 0)) +! { +! internal_warning (_("%s: ignoring function definition attempt"), from_file); +! should_jump_to_top_level = 0; +! last_result = last_command_exit_value = EX_BADUSAGE; +! reset_parser (); +! break; +! } + } + +*************** +*** 332,336 **** + + if (flags & SEVAL_ONECMD) +! break; + } + } +--- 345,352 ---- + + if (flags & SEVAL_ONECMD) +! { +! reset_parser (); +! break; +! } + } + } +*** ../bash-4.1.16/parse.y 2014-09-30 19:36:03.000000000 -0400 +--- parse.y 2014-10-04 15:08:26.000000000 -0400 +*************** +*** 2410,2413 **** +--- 2410,2423 ---- + } + ++ char * ++ parser_remaining_input () ++ { ++ if (shell_input_line == 0) ++ return 0; ++ if (shell_input_line_index < 0 || shell_input_line_index >= shell_input_line_len) ++ return '\0'; /* XXX */ ++ return (shell_input_line + shell_input_line_index); ++ } ++ + #ifdef INCLUDE_UNUSED + /* Back the input pointer up by one, effectively `ungetting' a character. */ +*************** +*** 3809,3814 **** + restore_parser_state (&ps); + reset_parser (); +! if (interactive) +! token_to_read = 0; + + /* Need to find how many characters parse_and_execute consumed, update +--- 3819,3824 ---- + restore_parser_state (&ps); + reset_parser (); +! +! token_to_read = 0; + + /* Need to find how many characters parse_and_execute consumed, update +*** ../bash-4.1.16/shell.h 2009-08-14 16:32:52.000000000 -0400 +--- shell.h 2014-10-04 15:08:26.000000000 -0400 +*************** +*** 164,167 **** +--- 164,169 ---- + + /* Let's try declaring these here. */ ++ extern char *parser_remaining_input __P((void)); ++ + extern sh_parser_state_t *save_parser_state __P((sh_parser_state_t *)); + extern void restore_parser_state __P((sh_parser_state_t *)); +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 16 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 17 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash.CVE-2016-0634.bash43-047 b/patches/source/bash/bash.CVE-2016-0634.bash43-047 new file mode 100644 index 00000000..316e3afc --- /dev/null +++ b/patches/source/bash/bash.CVE-2016-0634.bash43-047 @@ -0,0 +1,150 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.3 +Patch-ID: bash43-047 + +Bug-Reported-by: Bernd Dietzel +Bug-Reference-ID: +Bug-Reference-URL: https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1507025 + +Bug-Description: + +Bash performs word expansions on the prompt strings after the special +escape sequences are expanded. If a malicious user can modify the system +hostname or change the name of the bash executable and coerce a user into +executing it, and the new name contains word expansions (including +command substitution), bash will expand them in prompt strings containing +the \h or \H and \s escape sequences, respectively. + +Patch (apply with `patch -p0'): + +*** ../bash-4.3-patched/parse.y 2015-08-13 15:11:54.000000000 -0400 +--- parse.y 2016-03-07 15:44:14.000000000 -0500 +*************** +*** 5259,5263 **** + int result_size, result_index; + int c, n, i; +! char *temp, octal_string[4]; + struct tm *tm; + time_t the_time; +--- 5259,5263 ---- + int result_size, result_index; + int c, n, i; +! char *temp, *t_host, octal_string[4]; + struct tm *tm; + time_t the_time; +*************** +*** 5407,5411 **** + case 's': + temp = base_pathname (shell_name); +! temp = savestring (temp); + goto add_string; + +--- 5407,5415 ---- + case 's': + temp = base_pathname (shell_name); +! /* Try to quote anything the user can set in the file system */ +! if (promptvars || posixly_correct) +! temp = sh_backslash_quote_for_double_quotes (temp); +! else +! temp = savestring (temp); + goto add_string; + +*************** +*** 5497,5503 **** + case 'h': + case 'H': +! temp = savestring (current_host_name); +! if (c == 'h' && (t = (char *)strchr (temp, '.'))) + *t = '\0'; + goto add_string; + +--- 5501,5515 ---- + case 'h': + case 'H': +! t_host = savestring (current_host_name); +! if (c == 'h' && (t = (char *)strchr (t_host, '.'))) + *t = '\0'; ++ if (promptvars || posixly_correct) ++ /* Make sure that expand_prompt_string is called with a ++ second argument of Q_DOUBLE_QUOTES if we use this ++ function here. */ ++ temp = sh_backslash_quote_for_double_quotes (t_host); ++ else ++ temp = savestring (t_host); ++ free (t_host); + goto add_string; + +*** ../bash-4.3-patched/y.tab.c 2015-08-13 15:11:54.000000000 -0400 +--- y.tab.c 2016-03-07 15:44:14.000000000 -0500 +*************** +*** 7571,7575 **** + int result_size, result_index; + int c, n, i; +! char *temp, octal_string[4]; + struct tm *tm; + time_t the_time; +--- 7571,7575 ---- + int result_size, result_index; + int c, n, i; +! char *temp, *t_host, octal_string[4]; + struct tm *tm; + time_t the_time; +*************** +*** 7719,7723 **** + case 's': + temp = base_pathname (shell_name); +! temp = savestring (temp); + goto add_string; + +--- 7719,7727 ---- + case 's': + temp = base_pathname (shell_name); +! /* Try to quote anything the user can set in the file system */ +! if (promptvars || posixly_correct) +! temp = sh_backslash_quote_for_double_quotes (temp); +! else +! temp = savestring (temp); + goto add_string; + +*************** +*** 7809,7815 **** + case 'h': + case 'H': +! temp = savestring (current_host_name); +! if (c == 'h' && (t = (char *)strchr (temp, '.'))) + *t = '\0'; + goto add_string; + +--- 7813,7827 ---- + case 'h': + case 'H': +! t_host = savestring (current_host_name); +! if (c == 'h' && (t = (char *)strchr (t_host, '.'))) + *t = '\0'; ++ if (promptvars || posixly_correct) ++ /* Make sure that expand_prompt_string is called with a ++ second argument of Q_DOUBLE_QUOTES if we use this ++ function here. */ ++ temp = sh_backslash_quote_for_double_quotes (t_host); ++ else ++ temp = savestring (t_host); ++ free (t_host); + goto add_string; + +*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 +--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 46 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 47 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash.CVE-2016-7543.bash43-048 b/patches/source/bash/bash.CVE-2016-7543.bash43-048 new file mode 100644 index 00000000..6a8588ec --- /dev/null +++ b/patches/source/bash/bash.CVE-2016-7543.bash43-048 @@ -0,0 +1,54 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.3 +Patch-ID: bash43-048 + +Bug-Reported-by: up201407890@alunos.dcc.fc.up.pt +Bug-Reference-ID: <20151210201649.126444eionzfsam8@webmail.alunos.dcc.fc.up.pt> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2015-12/msg00054.html + +Bug-Description: + +If a malicious user can inject a value of $SHELLOPTS containing `xtrace' +and a value for $PS4 that includes a command substitution into a shell +running as root, bash will expand the command substitution as part of +expanding $PS4 when it executes a traced command. + +Patch (apply with `patch -p0'): + +*** ../bash-4.3-patched/variables.c 2015-11-26 12:31:21.000000000 -0500 +--- variables.c 2015-12-23 10:19:01.000000000 -0500 +*************** +*** 496,500 **** + set_if_not ("PS2", secondary_prompt); + } +! set_if_not ("PS4", "+ "); + + /* Don't allow IFS to be imported from the environment. */ +--- 496,504 ---- + set_if_not ("PS2", secondary_prompt); + } +! +! if (current_user.euid == 0) +! bind_variable ("PS4", "+ ", 0); +! else +! set_if_not ("PS4", "+ "); + + /* Don't allow IFS to be imported from the environment. */ + +*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 +--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 47 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 48 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash.SlackBuild b/patches/source/bash/bash.SlackBuild new file mode 100755 index 00000000..513d27f9 --- /dev/null +++ b/patches/source/bash/bash.SlackBuild @@ -0,0 +1,155 @@ +#!/bin/sh + +# Copyright 2005-2017 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# Set initial variables: +CWD=`pwd` +if [ "$TMP" = "" ]; then + TMP=/tmp +fi +PKG=$TMP/package-bash + +VERSION=${VERSION:-$(echo bash-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +if [ ! -d $TMP ]; then + mkdir -p $TMP # location to build the source +fi +rm -rf $PKG +mkdir -p $PKG + +# Determine bash patchlevel: +PATCHLEVEL="$( cd $CWD/bash-${VERSION}-patches ; /bin/ls bash4?-??? | tail -1 | cut -f 2 -d - 2> /dev/null )" +if [ "$PATCHLEVEL" = "" ]; then + PATCHLEVEL=0 +fi + +cd $TMP +rm -rf bash-$VERSION +tar xvf $CWD/bash-$VERSION.tar.?z* || exit 1 +cd bash-$VERSION || exit 1 +chown -R root:root . +find . -perm 664 | xargs chmod 644 +find . -perm 775 | xargs chmod 755 + +if [ -d $CWD/bash-${VERSION}-patches ]; then + ( cd $CWD/bash-${VERSION}-patches ; cat bash4?-??? ) | patch -p0 --verbose || exit 1 +fi + +# Patch security issues with upstream patches for bash-4.3. +# Don't worry about the patch rejections in patchlevel.h here. +zcat $CWD/bash.CVE-2016-0634.bash43-047.gz | patch -p0 --verbose +zcat $CWD/bash.CVE-2016-7543.bash43-048.gz | patch -p0 --verbose + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --build=$ARCH-slackware-linux +make -j4 || make || exit 1 +make install DESTDIR=$PKG +mv $PKG/usr/share/doc $PKG/usr +mkdir -p $PKG/bin +mv $PKG/usr/bin/bash $PKG/bin/bash4.new +# We don't include the "bashbug" script. +rm -rf $PKG/usr/bin $PKG/usr/man/man1/bashbug.1 + +# Strip binaries: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# bash.1 is already installed by "make install" +( cd doc + for page in builtins.1 rbash.1 ; do + cat $page | gzip -9c > $PKG/usr/man/man1/$page.gz + done +) + +# Compress info files, if any: +if [ -d $PKG/usr/info ]; then + ( cd $PKG/usr/info + rm -f dir + gzip -9 * + ) +fi + +mkdir -p $PKG/usr/doc/bash-$VERSION +cp -a AUTHORS CHANGES COMPAT COPYING INSTALL MANIFEST NEWS NOTES \ + README Y2K doc/FAQ doc/INTRO \ + $PKG/usr/doc/bash-$VERSION +( cd doc ; groff -ms -Tascii article.ms > $PKG/usr/doc/bash-$VERSION/article.txt ) + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +makepkg -l y -c n $TMP/bash-$VERSION.$PATCHLEVEL-$ARCH-$BUILD.txz + diff --git a/patches/source/bash/doinst.sh b/patches/source/bash/doinst.sh new file mode 100644 index 00000000..867958fb --- /dev/null +++ b/patches/source/bash/doinst.sh @@ -0,0 +1,18 @@ +if [ -r bin/bash ]; then + mv bin/bash bin/bash.old +fi +mv bin/bash4.new bin/bash +if [ -f bin/bash.old ]; then + rm -f bin/bash.old +fi +if [ ! -r etc/shells ]; then + touch etc/shells + chmod 644 etc/shells +fi +if grep -wq /bin/bash etc/shells ; then + true +else + echo /bin/bash >> etc/shells +fi +( cd usr/bin ; rm -rf bash ) +( cd usr/bin ; ln -sf /bin/bash bash ) diff --git a/patches/source/bash/slack-desc b/patches/source/bash/slack-desc new file mode 100644 index 00000000..f2fdb929 --- /dev/null +++ b/patches/source/bash/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +bash: bash (sh-compatible shell) +bash: +bash: The GNU Bourne-Again SHell. Bash is a sh-compatible command +bash: interpreter that executes commands read from the standard input or +bash: from a file. Bash also incorporates useful features from the Korn +bash: and C shells (ksh and csh). Bash is ultimately intended to be a +bash: conformant implementation of the IEEE Posix Shell and Tools +bash: specification (IEEE Working Group 1003.2). +bash: +bash: Bash must be present for the system to boot properly. +bash: diff --git a/patches/source/bind/3link.sh b/patches/source/bind/3link.sh new file mode 100644 index 00000000..ec8ba4d1 --- /dev/null +++ b/patches/source/bind/3link.sh @@ -0,0 +1,136 @@ +rm -f lwres_addr_parse.3 +ln -sf lwres_resutil.3 lwres_addr_parse.3 +rm -f lwres_buffer_add.3 +ln -sf lwres_buffer.3 lwres_buffer_add.3 +rm -f lwres_buffer_back.3 +ln -sf lwres_buffer.3 lwres_buffer_back.3 +rm -f lwres_buffer_clear.3 +ln -sf lwres_buffer.3 lwres_buffer_clear.3 +rm -f lwres_buffer_first.3 +ln -sf lwres_buffer.3 lwres_buffer_first.3 +rm -f lwres_buffer_forward.3 +ln -sf lwres_buffer.3 lwres_buffer_forward.3 +rm -f lwres_buffer_getmem.3 +ln -sf lwres_buffer.3 lwres_buffer_getmem.3 +rm -f lwres_buffer_getuint16.3 +ln -sf lwres_buffer.3 lwres_buffer_getuint16.3 +rm -f lwres_buffer_getuint32.3 +ln -sf lwres_buffer.3 lwres_buffer_getuint32.3 +rm -f lwres_buffer_getuint8.3 +ln -sf lwres_buffer.3 lwres_buffer_getuint8.3 +rm -f lwres_buffer_init.3 +ln -sf lwres_buffer.3 lwres_buffer_init.3 +rm -f lwres_buffer_invalidate.3 +ln -sf lwres_buffer.3 lwres_buffer_invalidate.3 +rm -f lwres_buffer_putmem.3 +ln -sf lwres_buffer.3 lwres_buffer_putmem.3 +rm -f lwres_buffer_putuint16.3 +ln -sf lwres_buffer.3 lwres_buffer_putuint16.3 +rm -f lwres_buffer_putuint32.3 +ln -sf lwres_buffer.3 lwres_buffer_putuint32.3 +rm -f lwres_buffer_putuint8.3 +ln -sf lwres_buffer.3 lwres_buffer_putuint8.3 +rm -f lwres_buffer_subtract.3 +ln -sf lwres_buffer.3 lwres_buffer_subtract.3 +rm -f lwres_conf_clear.3 +ln -sf lwres_config.3 lwres_conf_clear.3 +rm -f lwres_conf_get.3 +ln -sf lwres_config.3 lwres_conf_get.3 +rm -f lwres_conf_init.3 +ln -sf lwres_config.3 lwres_conf_init.3 +rm -f lwres_conf_parse.3 +ln -sf lwres_config.3 lwres_conf_parse.3 +rm -f lwres_conf_print.3 +ln -sf lwres_config.3 lwres_conf_print.3 +rm -f lwres_context_allocmem.3 +ln -sf lwres_context.3 lwres_context_allocmem.3 +rm -f lwres_context_create.3 +ln -sf lwres_context.3 lwres_context_create.3 +rm -f lwres_context_destroy.3 +ln -sf lwres_context.3 lwres_context_destroy.3 +rm -f lwres_context_freemem.3 +ln -sf lwres_context.3 lwres_context_freemem.3 +rm -f lwres_context_initserial.3 +ln -sf lwres_context.3 lwres_context_initserial.3 +rm -f lwres_context_nextserial.3 +ln -sf lwres_context.3 lwres_context_nextserial.3 +rm -f lwres_context_sendrecv.3 +ln -sf lwres_context.3 lwres_context_sendrecv.3 +rm -f lwres_endhostent.3 +ln -sf lwres_gethostent.3 lwres_endhostent.3 +rm -f lwres_endhostent_r.3 +ln -sf lwres_gethostent.3 lwres_endhostent_r.3 +rm -f lwres_freeaddrinfo.3 +ln -sf lwres_getaddrinfo.3 lwres_freeaddrinfo.3 +rm -f lwres_freehostent.3 +ln -sf lwres_getipnode.3 lwres_freehostent.3 +rm -f lwres_gabnrequest_free.3 +ln -sf lwres_gabn.3 lwres_gabnrequest_free.3 +rm -f lwres_gabnrequest_parse.3 +ln -sf lwres_gabn.3 lwres_gabnrequest_parse.3 +rm -f lwres_gabnrequest_render.3 +ln -sf lwres_gabn.3 lwres_gabnrequest_render.3 +rm -f lwres_gabnresponse_free.3 +ln -sf lwres_gabn.3 lwres_gabnresponse_free.3 +rm -f lwres_gabnresponse_parse.3 +ln -sf lwres_gabn.3 lwres_gabnresponse_parse.3 +rm -f lwres_gabnresponse_render.3 +ln -sf lwres_gabn.3 lwres_gabnresponse_render.3 +rm -f lwres_getaddrsbyname.3 +ln -sf lwres_resutil.3 lwres_getaddrsbyname.3 +rm -f lwres_gethostbyaddr.3 +ln -sf lwres_gethostent.3 lwres_gethostbyaddr.3 +rm -f lwres_gethostbyaddr_r.3 +ln -sf lwres_gethostent.3 lwres_gethostbyaddr_r.3 +rm -f lwres_gethostbyname.3 +ln -sf lwres_gethostent.3 lwres_gethostbyname.3 +rm -f lwres_gethostbyname2.3 +ln -sf lwres_gethostent.3 lwres_gethostbyname2.3 +rm -f lwres_gethostbyname_r.3 +ln -sf lwres_gethostent.3 lwres_gethostbyname_r.3 +rm -f lwres_gethostent_r.3 +ln -sf lwres_gethostent.3 lwres_gethostent_r.3 +rm -f lwres_getipnodebyaddr.3 +ln -sf lwres_getipnode.3 lwres_getipnodebyaddr.3 +rm -f lwres_getipnodebyname.3 +ln -sf lwres_getipnode.3 lwres_getipnodebyname.3 +rm -f lwres_getnamebyaddr.3 +ln -sf lwres_resutil.3 lwres_getnamebyaddr.3 +rm -f lwres_gnbarequest_free.3 +ln -sf lwres_gnba.3 lwres_gnbarequest_free.3 +rm -f lwres_gnbarequest_parse.3 +ln -sf lwres_gnba.3 lwres_gnbarequest_parse.3 +rm -f lwres_gnbarequest_render.3 +ln -sf lwres_gnba.3 lwres_gnbarequest_render.3 +rm -f lwres_gnbaresponse_free.3 +ln -sf lwres_gnba.3 lwres_gnbaresponse_free.3 +rm -f lwres_gnbaresponse_parse.3 +ln -sf lwres_gnba.3 lwres_gnbaresponse_parse.3 +rm -f lwres_gnbaresponse_render.3 +ln -sf lwres_gnba.3 lwres_gnbaresponse_render.3 +rm -f lwres_herror.3 +ln -sf lwres_hstrerror.3 lwres_herror.3 +rm -f lwres_lwpacket_parseheader.3 +ln -sf lwres_packet.3 lwres_lwpacket_parseheader.3 +rm -f lwres_lwpacket_renderheader.3 +ln -sf lwres_packet.3 lwres_lwpacket_renderheader.3 +rm -f lwres_net_ntop.3 +ln -sf lwres_inetntop.3 lwres_net_ntop.3 +rm -f lwres_nooprequest_free.3 +ln -sf lwres_noop.3 lwres_nooprequest_free.3 +rm -f lwres_nooprequest_parse.3 +ln -sf lwres_noop.3 lwres_nooprequest_parse.3 +rm -f lwres_nooprequest_render.3 +ln -sf lwres_noop.3 lwres_nooprequest_render.3 +rm -f lwres_noopresponse_free.3 +ln -sf lwres_noop.3 lwres_noopresponse_free.3 +rm -f lwres_noopresponse_parse.3 +ln -sf lwres_noop.3 lwres_noopresponse_parse.3 +rm -f lwres_noopresponse_render.3 +ln -sf lwres_noop.3 lwres_noopresponse_render.3 +rm -f lwres_sethostent.3 +ln -sf lwres_gethostent.3 lwres_sethostent.3 +rm -f lwres_sethostent_r.3 +ln -sf lwres_gethostent.3 lwres_sethostent_r.3 +rm -f lwres_string_parse.3 +ln -sf lwres_resutil.3 lwres_string_parse.3 diff --git a/patches/source/bind/bind.SlackBuild b/patches/source/bind/bind.SlackBuild new file mode 100755 index 00000000..c6b81ec9 --- /dev/null +++ b/patches/source/bind/bind.SlackBuild @@ -0,0 +1,165 @@ +#!/bin/sh + +# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=bind +VERSION=${VERSION:-9.9.11-P1} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=/bind-$(mcookie) +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG/etc/default + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +cd $TMP +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.gz || exit 1 +cd ${PKGNAM}-$VERSION || exit 1 + +# Remove use of SO_BSDCOMPAT which has been obsolete since the 2.2.x kernel +# series, and generates warnings under 2.6.x kernels. This _might_ be fixed +# upstream already, but an explicit #undef SO_BSDCOMPAT does not hurt: +zcat $CWD/bind.so_bsdcompat.diff.gz | patch -p1 --verbose || exit + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Configure: +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --with-libtool \ + --mandir=/usr/man \ + --enable-shared \ + --disable-static \ + --enable-threads \ + --with-openssl=/usr \ + --build=$ARCH-slackware-linux || exit 1 + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# We like symlinks. +( cd $PKG/usr/sbin + ln -sf named lwresd +) + +# We like a lot of symlinks. +( cd $PKG/usr/man/man3 + sh $CWD/3link.sh +) + +# Install init script: +mkdir -p $PKG/etc/rc.d +cp -a $CWD/rc.bind $PKG/etc/rc.d/rc.bind.new +chmod 644 $PKG/etc/rc.d/rc.bind.new + +# Add /var/run/named directory: +mkdir -p $PKG/var/run/named + +# Fix library perms: +chmod 755 $PKG/usr/lib${LIBDIRSUFFIX}/* + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* 2> /dev/null + ) + done + ) +fi + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a \ + CHANGES COPYRIGHT FAQ* README* \ + doc/arm doc/misc \ + $PKG/usr/doc/${PKGNAM}-$VERSION + +# This one should have the correct perms of the config file: +chmod 644 $PKG/usr/doc/${PKGNAM}-$VERSION/misc/rndc.conf-sample + +# One format of this is plenty. Especially get rid of the bloated PDF. +( cd $PKG/usr/doc/bind-$VERSION/arm + rm -f Makefile* *.pdf *.xml README.SGML latex-fixup.pl +) + +# Add sample config files for a simple caching nameserver: +mkdir -p $PKG/var/named/caching-example +cat $CWD/caching-example/named.conf > $PKG/etc/named.conf.new +cat $CWD/caching-example/localhost.zone > $PKG/var/named/caching-example/localhost.zone +cat $CWD/caching-example/named.local > $PKG/var/named/caching-example/named.local +cat $CWD/caching-example/named.root > $PKG/var/named/caching-example/named.root +# This name is deprecated, but having it here doesn't hurt in case +# an old configuration file wants it: +cat $CWD/caching-example/named.root > $PKG/var/named/caching-example/named.ca + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$(echo $VERSION | tr - _)-$ARCH-$BUILD.txz + diff --git a/patches/source/bind/bind.so_bsdcompat.diff b/patches/source/bind/bind.so_bsdcompat.diff new file mode 100644 index 00000000..5d78031b --- /dev/null +++ b/patches/source/bind/bind.so_bsdcompat.diff @@ -0,0 +1,11 @@ +--- ./lib/isc/unix/socket.c.orig 2005-11-03 17:08:42.000000000 -0600 ++++ ./lib/isc/unix/socket.c 2006-02-18 13:09:15.000000000 -0600 +@@ -245,6 +245,8 @@ + + #define SOCK_DEAD(s) ((s)->references == 0) + ++#undef SO_BSDCOMPAT ++ + static void + manager_log(isc_socketmgr_t *sockmgr, + isc_logcategory_t *category, isc_logmodule_t *module, int level, diff --git a/patches/source/bind/caching-example/localhost.zone b/patches/source/bind/caching-example/localhost.zone new file mode 100644 index 00000000..c47baf5f --- /dev/null +++ b/patches/source/bind/caching-example/localhost.zone @@ -0,0 +1,11 @@ +$TTL 86400 +$ORIGIN localhost. +@ 1D IN SOA @ root ( + 42 ; serial (d. adams) + 3H ; refresh + 15M ; retry + 1W ; expiry + 1D ) ; minimum + + 1D IN NS @ + 1D IN A 127.0.0.1 diff --git a/patches/source/bind/caching-example/named.conf b/patches/source/bind/caching-example/named.conf new file mode 100644 index 00000000..a8ee2795 --- /dev/null +++ b/patches/source/bind/caching-example/named.conf @@ -0,0 +1,31 @@ +options { + directory "/var/named"; + /* + * If there is a firewall between you and nameservers you want + * to talk to, you might need to uncomment the query-source + * directive below. Previous versions of BIND always asked + * questions using port 53, but BIND 8.1 uses an unprivileged + * port by default. + */ + // query-source address * port 53; +}; + +// +// a caching only nameserver config +// +zone "." IN { + type hint; + file "caching-example/named.root"; +}; + +zone "localhost" IN { + type master; + file "caching-example/localhost.zone"; + allow-update { none; }; +}; + +zone "0.0.127.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; diff --git a/patches/source/bind/caching-example/named.local b/patches/source/bind/caching-example/named.local new file mode 100644 index 00000000..8f40bcf3 --- /dev/null +++ b/patches/source/bind/caching-example/named.local @@ -0,0 +1,10 @@ +$TTL 86400 +@ IN SOA localhost. root.localhost. ( + 2011032500 ; Serial + 28800 ; Refresh + 14400 ; Retry + 3600000 ; Expire + 86400 ) ; Minimum + IN NS localhost. + +1 IN PTR localhost. diff --git a/patches/source/bind/caching-example/named.root b/patches/source/bind/caching-example/named.root new file mode 100644 index 00000000..9cc20228 --- /dev/null +++ b/patches/source/bind/caching-example/named.root @@ -0,0 +1,90 @@ +; This file holds the information on root name servers needed to +; initialize cache of Internet domain name servers +; (e.g. reference this file in the "cache . " +; configuration file of BIND domain name servers). +; +; This file is made available by InterNIC +; under anonymous FTP as +; file /domain/named.cache +; on server FTP.INTERNIC.NET +; -OR- RS.INTERNIC.NET +; +; last update: November 05, 2014 +; related version of root zone: 2014110501 +; +; formerly NS.INTERNIC.NET +; +. 3600000 NS A.ROOT-SERVERS.NET. +A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 +A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30 +; +; FORMERLY NS1.ISI.EDU +; +. 3600000 NS B.ROOT-SERVERS.NET. +B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 +B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b +; +; FORMERLY C.PSI.NET +; +. 3600000 NS C.ROOT-SERVERS.NET. +C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 +C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c +; +; FORMERLY TERP.UMD.EDU +; +. 3600000 NS D.ROOT-SERVERS.NET. +D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 +D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d +; +; FORMERLY NS.NASA.GOV +; +. 3600000 NS E.ROOT-SERVERS.NET. +E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 +; +; FORMERLY NS.ISC.ORG +; +. 3600000 NS F.ROOT-SERVERS.NET. +F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 +F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f +; +; FORMERLY NS.NIC.DDN.MIL +; +. 3600000 NS G.ROOT-SERVERS.NET. +G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 +; +; FORMERLY AOS.ARL.ARMY.MIL +; +. 3600000 NS H.ROOT-SERVERS.NET. +H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53 +H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803f:235 +; +; FORMERLY NIC.NORDU.NET +; +. 3600000 NS I.ROOT-SERVERS.NET. +I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 +I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53 +; +; OPERATED BY VERISIGN, INC. +; +. 3600000 NS J.ROOT-SERVERS.NET. +J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 +J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30 +; +; OPERATED BY RIPE NCC +; +. 3600000 NS K.ROOT-SERVERS.NET. +K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 +K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1 +; +; OPERATED BY ICANN +; +. 3600000 NS L.ROOT-SERVERS.NET. +L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42 +L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42 +; +; OPERATED BY WIDE +; +. 3600000 NS M.ROOT-SERVERS.NET. +M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 +M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35 +; End of file diff --git a/patches/source/bind/doinst.sh b/patches/source/bind/doinst.sh new file mode 100644 index 00000000..afeff946 --- /dev/null +++ b/patches/source/bind/doinst.sh @@ -0,0 +1,36 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +# Keep same perms on rc.bind.new: +if [ -e etc/rc.d/rc.bind ]; then + cp -a etc/rc.d/rc.bind etc/rc.d/rc.bind.new.incoming + cat etc/rc.d/rc.bind.new > etc/rc.d/rc.bind.new.incoming + mv etc/rc.d/rc.bind.new.incoming etc/rc.d/rc.bind.new +fi + +config etc/named.conf.new +config etc/rc.d/rc.bind.new + +# Add a /var/named if it doesn't exist: +if [ ! -d var/named ]; then + mkdir -p var/named + chmod 755 var/named +fi + +# Generate /etc/rndc.key if there's none there, +# and there also no /etc/rndc.conf (the other +# way to set this up). +if [ ! -r etc/rndc.key -a ! -r /etc/rndc.conf ]; then + chroot . /sbin/ldconfig + chroot . /usr/sbin/rndc-confgen -r /dev/urandom -a 2> /dev/null +fi diff --git a/patches/source/bind/rc.bind b/patches/source/bind/rc.bind new file mode 100644 index 00000000..6d77d73d --- /dev/null +++ b/patches/source/bind/rc.bind @@ -0,0 +1,112 @@ +#!/bin/sh +# Start/stop/restart the BIND name server daemon (named). + + +# Start bind. In the past it was more secure to run BIND as a non-root +# user (for example, with '-u daemon'), but the modern version of BIND +# knows how to use the kernel's capability mechanism to drop all root +# privileges except the ability to bind() to a privileged port and set +# process resource limits, so -u should not be needed. If you wish to +# use it anyway, chown the /var/run/named and /var/named directories to +# the non-root user. The command options can be set like this in +# /etc/default/named : +# NAMED_OPTIONS="-u daemon" +# So you will not have to edit this script. + +# You might also consider running BIND in a "chroot jail", +# a discussion of which may be found in +# /usr/doc/Linux-HOWTOs/Chroot-BIND-HOWTO. + +# One last note: rndc has a lot of other nice features that it is not +# within the scope of this start/stop/restart script to support. +# For more details, see "man rndc" or just type "rndc" to see the options. + +# Load command defaults: +if [ -f /etc/default/named ] ; then . /etc/default/named ; fi +if [ -f /etc/default/rndc ] ; then . /etc/default/rndc ; fi + +# Sanity check. If /usr/sbin/named is missing then it +# doesn't make much sense to try to run this script: +if [ ! -x /usr/sbin/named ]; then + echo "/etc/rc.d/rc.bind: no /usr/sbin/named found (or not executable); cannot start." + exit 1 +fi + +# Start BIND. As many times as you like. ;-) +# Seriously, don't run "rc.bind start" if BIND is already +# running or you'll get more than one copy running. +bind_start() { + if [ -x /usr/sbin/named ]; then + echo "Starting BIND: /usr/sbin/named $NAMED_OPTIONS" + /usr/sbin/named $NAMED_OPTIONS + sleep 1 + fi + if ! ps axc | grep -q named ; then + echo "WARNING: named did not start." + echo "Attempting to start named again: /usr/sbin/named $NAMED_OPTIONS" + /usr/sbin/named $NAMED_OPTIONS + sleep 1 + if ps axc | grep -q named ; then + echo "SUCCESS: named started." + else + echo "FAILED: Sorry, a second attempt to start named has also failed." + echo "There may be a configuration error that needs fixing. Good luck!" + fi + fi +} + +# Stop all running copies of BIND (/usr/sbin/named): +bind_stop() { + echo "Stopping BIND: /usr/sbin/rndc $RDNC_OPTIONS stop" + /usr/sbin/rndc $RDNC_OPTIONS stop + # A problem with using "/usr/sbin/rndc stop" is that if you + # managed to get multiple copies of named running it will + # only stop one of them and then can't stop the others even + # if you run it again. So, after doing things the nice way + # we'll do them the old-fashioned way. If you don't like + # it you can comment it out, but unless you have a lot of + # other programs you run called "named" this is unlikely + # to have any ill effects: + sleep 1 + if ps axc | grep -q named ; then + echo "Using "killall named" on additional BIND processes..." + /bin/killall named 2> /dev/null + fi +} + +# Reload BIND: +bind_reload() { + /usr/sbin/rndc $RDNC_OPTIONS reload +} + +# Restart BIND: +bind_restart() { + bind_stop + bind_start +} + +# Get BIND status: +bind_status() { + /usr/sbin/rndc $RDNC_OPTIONS status +} + +case "$1" in +'start') + bind_start + ;; +'stop') + bind_stop + ;; +'reload') + bind_reload + ;; +'restart') + bind_restart + ;; +'status') + bind_status + ;; +*) + echo "usage $0 start|stop|reload|restart|status" +esac + diff --git a/patches/source/bind/slack-desc b/patches/source/bind/slack-desc new file mode 100644 index 00000000..9e9b15d1 --- /dev/null +++ b/patches/source/bind/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +bind: bind (DNS server and utilities) +bind: +bind: The named daemon and support utilities such as dig, host, and +bind: nslookup. Sample configuration files for running a simple caching +bind: nameserver are included. Documentation for advanced name server +bind: setup can be found in /usr/doc/bind-9.x.x/. +bind: +bind: +bind: +bind: +bind: diff --git a/patches/source/bluez/bluez.CVE-2017-1000251.diff b/patches/source/bluez/bluez.CVE-2017-1000251.diff new file mode 100644 index 00000000..8f820363 --- /dev/null +++ b/patches/source/bluez/bluez.CVE-2017-1000251.diff @@ -0,0 +1,27 @@ +From 9e009647b14e810e06626dde7f1bb9ea3c375d09 Mon Sep 17 00:00:00 2001 +From: Luiz Augusto von Dentz +Date: Wed, 13 Sep 2017 10:01:40 +0300 +Subject: sdp: Fix Out-of-bounds heap read in service_search_attr_req function + +Check if there is enough data to continue otherwise return an error. +--- + src/sdpd-request.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/sdpd-request.c b/src/sdpd-request.c +index 1eefdce..318d044 100644 +--- a/src/sdpd-request.c ++++ b/src/sdpd-request.c +@@ -917,7 +917,7 @@ static int service_search_attr_req(sdp_req_t *req, sdp_buf_t *buf) + } else { + /* continuation State exists -> get from cache */ + sdp_buf_t *pCache = sdp_get_cached_rsp(cstate); +- if (pCache) { ++ if (pCache && cstate->cStateValue.maxBytesSent < pCache->data_size) { + uint16_t sent = MIN(max, pCache->data_size - cstate->cStateValue.maxBytesSent); + pResponse = pCache->data; + memcpy(buf->data, pResponse + cstate->cStateValue.maxBytesSent, sent); +-- +cgit v1.1 + + diff --git a/patches/source/bluez/bluez.SlackBuild b/patches/source/bluez/bluez.SlackBuild new file mode 100755 index 00000000..5367ad9f --- /dev/null +++ b/patches/source/bluez/bluez.SlackBuild @@ -0,0 +1,199 @@ +#!/bin/sh + +# Slackware build script for bluez-utils - http://www.bluez.org + +# Copyright 2009, 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=bluez +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/${PKGNAM}-${VERSION}.tar.?z* || exit 1 +cd $PKGNAM-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Fixup the dbus config file for our usage: +zcat $CWD/patches/bluez-dbus-config.patch.gz | patch -p1 --verbose || exit 1 + +# Use a wrapper to check rc.bluetooth mode before starting bluetoothd +zcat $CWD/patches/bluez-run_udev_helper.patch.gz | patch -p1 --verbose || exit 1 + +# Unbreak a Dell USB mouse +# https://bugzilla.novell.com/show_bug.cgi?id=522287 +# https://bugzilla.redhat.com/show_bug.cgi?id=517088 +zcat $CWD/patches/bluez-unbreak_dell_mouse.patch.gz | patch -p1 --verbose || exit 1 + +# Patch CVE-2017-1000251: +zcat $CWD/bluez.CVE-2017-1000251.diff.gz | patch -p1 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --localstatedir=/var \ + --enable-gstreamer \ + --enable-alsa \ + --enable-usb \ + --enable-netlink \ + --enable-tools\ + --enable-bccmd \ + --enable-hid2hci \ + --enable-dfutool \ + --enable-hidd \ + --enable-pand \ + --enable-dund \ + --enable-cups \ + --enable-service \ + --enable-udevrules \ + --enable-configfiles \ + --disable-silent-rules \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG + +# I'm don't think we need this, but I'll leave it commented just in case: +# http://bugs.archlinux.org/task/4930 +# The dbus-1 and bluetooth linkages are obvious, but I had to get the rt and +# pthread ones from the old bluez-utils (VERSION=3.36) tests/Makefile +#gcc $SLKCFLAGS $(pkg-config --cflags dbus-1) -DVERSION=3.36 \ +# -L$(pwd)/lib/.libs -ldbus-1 -lbluetooth -lpthread -lrt \ +# $CWD/passkey-agent.c -o $PKG/usr/bin/passkey-agent || exit 1 + +cp -a scripts/bluetooth_serial $PKG/lib/udev/bluetooth_serial || exit 1 +chmod 0755 $PKG/lib/udev/bluetooth_serial + +cat $CWD/config/bluetooth.sh > $PKG/lib/udev/bluetooth.sh +chmod 0755 $PKG/lib/udev/bluetooth.sh + +# SuSE says this is safe... :-) +mkdir -p $PKG/etc/modprobe.d +cat $CWD/config/bluetooth.modprobe > $PKG/etc/modprobe.d/bluetooth.conf + +mkdir -p $PKG/etc/bluetooth +cp -a audio/audio.conf $PKG/etc/bluetooth +cp -a input/input.conf $PKG/etc/bluetooth +cp -a network/network.conf $PKG/etc/bluetooth +cp -a serial/serial.conf $PKG/etc/bluetooth +cp -a tools/rfcomm.conf $PKG/etc/bluetooth +chmod 644 $PKG/etc/bluetooth/*.conf + +# Do not overwrite configuration +# Well, let the dbus file be overwritten, as it is not usually user-edited. +( cd $PKG + for file in \ + etc/alsa/bluetooth.conf \ + etc/bluetooth/audio.conf \ + etc/bluetooth/input.conf \ + etc/bluetooth/network.conf \ + etc/bluetooth/serial.conf \ + etc/bluetooth/rfcomm.conf \ + etc/bluetooth/main.conf \ + etc/modprobe.d/bluetooth.conf ; do + mv ${file} ${file}.new + done +) + +# Add an init script +mkdir -p $PKG/etc/rc.d +cat $CWD/config/rc.bluetooth > $PKG/etc/rc.d/rc.bluetooth.new + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + AUTHORS COPYING* INSTALL NEWS README* \ + $PKG/usr/doc/$PKGNAM-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/bluez/config/bluetooth.modprobe b/patches/source/bluez/config/bluetooth.modprobe new file mode 100644 index 00000000..3072d788 --- /dev/null +++ b/patches/source/bluez/config/bluetooth.modprobe @@ -0,0 +1,3 @@ +# use "reset=1" as default, since it should be safe for recent devices and +# solves all kind of problems. +options btusb reset=1 diff --git a/patches/source/bluez/config/bluetooth.sh b/patches/source/bluez/config/bluetooth.sh new file mode 100644 index 00000000..22034551 --- /dev/null +++ b/patches/source/bluez/config/bluetooth.sh @@ -0,0 +1,7 @@ +#!/bin/sh + +# Check whether /etc/rc.d/rc.bluetooth is executable before starting +# the bluetooth subsystem for hotplugged bluetooth devices +[ -x /etc/rc.d/rc.bluetooth ] && exec /usr/sbin/bluetoothd --udev +exit 0 + diff --git a/patches/source/bluez/config/rc.bluetooth b/patches/source/bluez/config/rc.bluetooth new file mode 100644 index 00000000..12540d83 --- /dev/null +++ b/patches/source/bluez/config/rc.bluetooth @@ -0,0 +1,30 @@ +#!/bin/sh + +bluez_start() { + # bluetoothd requires dbus, but dbus isn't started early enough during + # system boot, so we have to re-trigger the events now + udevadm trigger --subsystem-match=bluetooth --action=add +} + +bluez_stop() { + pkill -TERM bluetoothd 1>/dev/null 2>/dev/null +} + +case "$1" in + start) + bluez_start + ;; + stop) + bluez_stop + ;; + restart) + bluez_stop + sleep 1 + bluez_start + ;; + *) + printf "Usage: $N {start|stop|restart}\n" + exit 1 + ;; +esac + diff --git a/patches/source/bluez/doinst.sh b/patches/source/bluez/doinst.sh new file mode 100644 index 00000000..1711435e --- /dev/null +++ b/patches/source/bluez/doinst.sh @@ -0,0 +1,29 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +# Keep same perms on rc.bluetooth.new: +if [ -e etc/rc.d/rc.bluetooth ]; then + cp -a etc/rc.d/rc.bluetooth etc/rc.d/rc.bluetooth.new.incoming + cat etc/rc.d/rc.bluetooth.new > etc/rc.d/rc.bluetooth.new.incoming + mv etc/rc.d/rc.bluetooth.new.incoming etc/rc.d/rc.bluetooth.new +fi + +config etc/alsa/bluetooth.conf.new +config etc/rc.d/rc.bluetooth.new +config etc/bluetooth/audio.conf.new +config etc/bluetooth/input.conf.new +config etc/bluetooth/main.conf.new +config etc/bluetooth/network.conf.new +config etc/bluetooth/serial.conf.new +config etc/bluetooth/rfcomm.conf.new +config etc/modprobe.d/bluetooth.conf.new + diff --git a/patches/source/bluez/passkey-agent.c b/patches/source/bluez/passkey-agent.c new file mode 100644 index 00000000..8ac91d27 --- /dev/null +++ b/patches/source/bluez/passkey-agent.c @@ -0,0 +1,418 @@ +/* + * + * BlueZ - Bluetooth protocol stack for Linux + * + * Copyright (C) 2004-2008 Marcel Holtmann + * + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + * + */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include +#include +#include +#include +#include +#include +#include + +#include + +#define INTERFACE "org.bluez.Security" + +static char *passkey = NULL; +static char *address = NULL; + +static int do_reject = 0; + +static volatile sig_atomic_t __io_canceled = 0; +static volatile sig_atomic_t __io_terminated = 0; + +static void sig_term(int sig) +{ + __io_canceled = 1; +} + +static DBusHandlerResult agent_filter(DBusConnection *conn, + DBusMessage *msg, void *data) +{ + const char *name, *old, *new; + + if (!dbus_message_is_signal(msg, DBUS_INTERFACE_DBUS, "NameOwnerChanged")) + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; + + if (!dbus_message_get_args(msg, NULL, + DBUS_TYPE_STRING, &name, DBUS_TYPE_STRING, &old, + DBUS_TYPE_STRING, &new, DBUS_TYPE_INVALID)) { + fprintf(stderr, "Invalid arguments for NameOwnerChanged signal"); + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; + } + + if (!strcmp(name, "org.bluez") && *new == '\0') { + fprintf(stderr, "Passkey service has been terminated\n"); + __io_terminated = 1; + } + + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; +} + +static DBusHandlerResult request_message(DBusConnection *conn, + DBusMessage *msg, void *data) +{ + DBusMessage *reply; + const char *path, *address; + dbus_bool_t numeric; + + if (!passkey) + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; + + if (!dbus_message_get_args(msg, NULL, + DBUS_TYPE_STRING, &path, DBUS_TYPE_STRING, &address, + DBUS_TYPE_BOOLEAN, &numeric, DBUS_TYPE_INVALID)) { + fprintf(stderr, "Invalid arguments for passkey Request method"); + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; + } + + if (do_reject) { + reply = dbus_message_new_error(msg, + "org.bluez.Error.Rejected", ""); + goto send; + } + + reply = dbus_message_new_method_return(msg); + if (!reply) { + fprintf(stderr, "Can't create reply message\n"); + return DBUS_HANDLER_RESULT_NEED_MEMORY; + } + + printf("Passkey request for device %s\n", address); + + dbus_message_append_args(reply, DBUS_TYPE_STRING, &passkey, + DBUS_TYPE_INVALID); + +send: + dbus_connection_send(conn, reply, NULL); + + dbus_connection_flush(conn); + + dbus_message_unref(reply); + + return DBUS_HANDLER_RESULT_HANDLED; +} + +static DBusHandlerResult cancel_message(DBusConnection *conn, + DBusMessage *msg, void *data) +{ + DBusMessage *reply; + const char *path, *address; + + if (!dbus_message_get_args(msg, NULL, + DBUS_TYPE_STRING, &path, DBUS_TYPE_STRING, &address, + DBUS_TYPE_INVALID)) { + fprintf(stderr, "Invalid arguments for passkey Confirm method"); + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; + } + + printf("Request canceled for device %s\n", address); + + reply = dbus_message_new_method_return(msg); + if (!reply) { + fprintf(stderr, "Can't create reply message\n"); + return DBUS_HANDLER_RESULT_NEED_MEMORY; + } + + dbus_connection_send(conn, reply, NULL); + + dbus_connection_flush(conn); + + dbus_message_unref(reply); + + return DBUS_HANDLER_RESULT_HANDLED; +} + +static DBusHandlerResult release_message(DBusConnection *conn, + DBusMessage *msg, void *data) +{ + DBusMessage *reply; + + if (!dbus_message_get_args(msg, NULL, DBUS_TYPE_INVALID)) { + fprintf(stderr, "Invalid arguments for passkey Release method"); + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; + } + + if (!__io_canceled) + fprintf(stderr, "Passkey service has been released\n"); + + __io_terminated = 1; + + reply = dbus_message_new_method_return(msg); + if (!reply) { + fprintf(stderr, "Can't create reply message\n"); + return DBUS_HANDLER_RESULT_NEED_MEMORY; + } + + dbus_connection_send(conn, reply, NULL); + + dbus_connection_flush(conn); + + dbus_message_unref(reply); + + return DBUS_HANDLER_RESULT_HANDLED; +} + +static DBusHandlerResult agent_message(DBusConnection *conn, + DBusMessage *msg, void *data) +{ + if (dbus_message_is_method_call(msg, "org.bluez.PasskeyAgent", "Request")) + return request_message(conn, msg, data); + + if (dbus_message_is_method_call(msg, "org.bluez.PasskeyAgent", "Cancel")) + return cancel_message(conn, msg, data); + + if (dbus_message_is_method_call(msg, "org.bluez.PasskeyAgent", "Release")) + return release_message(conn, msg, data); + + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; +} + +static const DBusObjectPathVTable agent_table = { + .message_function = agent_message, +}; + +static int register_agent(DBusConnection *conn, const char *agent_path, + const char *remote_address, int use_default) +{ + DBusMessage *msg, *reply; + DBusError err; + const char *path, *method, *address = remote_address; + + if (!dbus_connection_register_object_path(conn, agent_path, + &agent_table, NULL)) { + fprintf(stderr, "Can't register object path for agent\n"); + return -1; + } + + if (use_default) { + path = "/org/bluez"; + method = "RegisterDefaultPasskeyAgent"; + } else { + path = "/org/bluez/hci0"; + method = "RegisterPasskeyAgent"; + } + + msg = dbus_message_new_method_call("org.bluez", path, INTERFACE, method); + if (!msg) { + fprintf(stderr, "Can't allocate new method call\n"); + return -1; + } + + if (use_default) + dbus_message_append_args(msg, DBUS_TYPE_STRING, &agent_path, + DBUS_TYPE_INVALID); + else + dbus_message_append_args(msg, DBUS_TYPE_STRING, &agent_path, + DBUS_TYPE_STRING, &address, DBUS_TYPE_INVALID); + + dbus_error_init(&err); + + reply = dbus_connection_send_with_reply_and_block(conn, msg, -1, &err); + + dbus_message_unref(msg); + + if (!reply) { + fprintf(stderr, "Can't register passkey agent\n"); + if (dbus_error_is_set(&err)) { + fprintf(stderr, "%s\n", err.message); + dbus_error_free(&err); + } + return -1; + } + + dbus_message_unref(reply); + + dbus_connection_flush(conn); + + return 0; +} + +static int unregister_agent(DBusConnection *conn, const char *agent_path, + const char *remote_address, int use_default) +{ + DBusMessage *msg, *reply; + DBusError err; + const char *path, *method, *address = remote_address; + + if (use_default) { + path = "/org/bluez"; + method = "UnregisterDefaultPasskeyAgent"; + } else { + path = "/org/bluez/hci0"; + method = "UnregisterPasskeyAgent"; + } + + msg = dbus_message_new_method_call("org.bluez", path, INTERFACE, method); + if (!msg) { + fprintf(stderr, "Can't allocate new method call\n"); + dbus_connection_unref(conn); + exit(1); + } + + if (use_default) + dbus_message_append_args(msg, DBUS_TYPE_STRING, &agent_path, + DBUS_TYPE_INVALID); + else + dbus_message_append_args(msg, DBUS_TYPE_STRING, &agent_path, + DBUS_TYPE_STRING, &address, DBUS_TYPE_INVALID); + + dbus_error_init(&err); + + reply = dbus_connection_send_with_reply_and_block(conn, msg, -1, &err); + + dbus_message_unref(msg); + + if (!reply) { + fprintf(stderr, "Can't unregister passkey agent\n"); + if (dbus_error_is_set(&err)) { + fprintf(stderr, "%s\n", err.message); + dbus_error_free(&err); + } + return -1; + } + + dbus_message_unref(reply); + + dbus_connection_flush(conn); + + dbus_connection_unregister_object_path(conn, agent_path); + + return 0; +} + +static void usage(void) +{ + printf("Bluetooth passkey agent ver %s\n\n", VERSION); + + printf("Usage:\n" + "\tpasskey-agent [--default] [--path agent-path] [address]\n" + "\n"); +} + +static struct option main_options[] = { + { "default", 0, 0, 'd' }, + { "reject", 0, 0, 'r' }, + { "path", 1, 0, 'p' }, + { "help", 0, 0, 'h' }, + { 0, 0, 0, 0 } +}; + +int main(int argc, char *argv[]) +{ + struct sigaction sa; + DBusConnection *conn; + char match_string[128], default_path[128], *agent_path = NULL; + int opt, use_default = 0; + + snprintf(default_path, sizeof(default_path), + "/org/bluez/passkey_agent_%d", getpid()); + + while ((opt = getopt_long(argc, argv, "+dp:h", main_options, NULL)) != EOF) { + switch(opt) { + case 'd': + use_default = 1; + break; + case 'r': + do_reject = 1; + break; + case 'p': + if (optarg[0] != '/') { + fprintf(stderr, "Invalid path\n"); + exit(1); + } + agent_path = strdup(optarg); + break; + case 'h': + usage(); + exit(0); + default: + exit(1); + } + } + + argc -= optind; + argv += optind; + optind = 0; + + if (argc < 1) { + usage(); + exit(1); + } + + passkey = strdup(argv[0]); + address = (argc > 1) ? strdup(argv[1]) : NULL; + + if (!use_default && !address) { + usage(); + exit(1); + } + + if (!agent_path) + agent_path = strdup(default_path); + + conn = dbus_bus_get(DBUS_BUS_SYSTEM, NULL); + if (!conn) { + fprintf(stderr, "Can't get on system bus"); + exit(1); + } + + if (register_agent(conn, agent_path, address, use_default) < 0) { + dbus_connection_unref(conn); + exit(1); + } + + if (!dbus_connection_add_filter(conn, agent_filter, NULL, NULL)) + fprintf(stderr, "Can't add signal filter"); + + snprintf(match_string, sizeof(match_string), + "interface=%s,member=NameOwnerChanged,arg0=%s", + DBUS_INTERFACE_DBUS, "org.bluez"); + + dbus_bus_add_match(conn, match_string, NULL); + + memset(&sa, 0, sizeof(sa)); + sa.sa_flags = SA_NOCLDSTOP; + sa.sa_handler = sig_term; + sigaction(SIGTERM, &sa, NULL); + sigaction(SIGINT, &sa, NULL); + + while (!__io_canceled && !__io_terminated) { + if (dbus_connection_read_write_dispatch(conn, 500) != TRUE) + break; + } + + if (!__io_terminated) + unregister_agent(conn, agent_path, address, use_default); + + if (passkey) + free(passkey); + + dbus_connection_unref(conn); + + return 0; +} diff --git a/patches/source/bluez/patches/bluez-dbus-config.patch b/patches/source/bluez/patches/bluez-dbus-config.patch new file mode 100644 index 00000000..4160600a --- /dev/null +++ b/patches/source/bluez/patches/bluez-dbus-config.patch @@ -0,0 +1,25 @@ +Use the plugdev group for bluetooth on Slackware, and allow this to + work as expected with our current setup. + +diff -Nur bluez-4.61.orig//src/bluetooth.conf bluez-4.61/src/bluetooth.conf +--- bluez-4.61.orig//src/bluetooth.conf 2010-02-18 17:48:50.434527785 -0600 ++++ bluez-4.61/src/bluetooth.conf 2010-02-18 17:47:30.727431004 -0600 +@@ -11,11 +11,16 @@ + + + ++ + + + +- +- ++ ++ ++ ++ ++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/patches/source/mozilla-thunderbird/mozilla-thunderbird.SlackBuild b/patches/source/mozilla-thunderbird/mozilla-thunderbird.SlackBuild new file mode 100755 index 00000000..5dc51b8c --- /dev/null +++ b/patches/source/mozilla-thunderbird/mozilla-thunderbird.SlackBuild @@ -0,0 +1,181 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# Thanks to the folks at the Mozilla Foundation for permission to +# distribute this, and for all the great work! :-) + +VERSION=$(basename $(ls thunderbird-*.tar.bz2 | cut -d - -f 2 | rev | cut -f 3- -d . | rev) .source) +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +MOZVERS=${MOZVERS:-1.9.2} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Try to be gentle to the compiler, no optimizations: +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O -fPIC" + LIBDIRSUFFIX="64" +elif [ "$ARCH" = "arm" ]; then + SLKCFLAGS="-O2 -march=armv4 -mtune=xscale" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "armel" ]; then + SLKCFLAGS="-O2 -march=armv4t" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-mozilla-thunderbird + +rm -rf $PKG +mkdir -p $TMP $PKG/usr/lib${LIBDIRSUFFIX} + +cd $TMP +rm -rf comm-$MOZVERS +tar xvf $CWD/thunderbird-$VERSION.source.tar.bz2 || exit 1 +cd comm-$MOZVERS || exit 1 + +# Fix a long standing bug that's prevented staying current on GTK+. +# Thanks to the BLFS folks. :-) +cat << EOF >> mozilla/layout/build/Makefile.in + +ifdef MOZ_ENABLE_CANVAS +EXTRA_DSO_LDOPTS += \$(XLDFLAGS) -lX11 -lXrender +endif + +EOF + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +export MOZILLA_OFFICIAL="1" && +export BUILD_OFFICIAL="1" && +export MOZ_PHOENIX="1" && +export CFLAGS="$SLKCFLAGS" && +export CXXFLAGS="$SLKCFLAGS" && +export MOZ_MAKE_FLAGS="$NUMJOBS" && +./configure \ + --enable-official-branding \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-default-mozilla-five-home=/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION \ + --with-system-zlib \ + --enable-application=mail \ + --enable-default-toolkit=cairo-gtk2 \ + --enable-startup-notification \ + --enable-crypto \ + --enable-svg \ + --enable-canvas \ + --enable-xft \ + --enable-xinerama \ + --enable-ldap \ + --enable-optimize \ + --enable-reorder \ + --enable-static \ + --enable-strip \ + --enable-system-cairo \ + --enable-cpp-rtti \ + --enable-single-profile \ + --disable-accessibility \ + --disable-debug \ + --disable-tests \ + --disable-logging \ + --disable-pedantic \ + --disable-installer \ + --disable-profilesharing + # Complains about missing APNG support in Slackware's libpng: + #--with-system-png \ + +#make -f client.mk build MOZ_MAKE_FLAGS="$NUMJOBS" || exit 1 +make $NUMJOBS || exit 1 +make install DESTDIR=$PKG || exit 1 + +# We don't need these (just symlinks anyway): +rm -rf $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-devel-$VERSION + +# Nor these: +rm -rf $PKG/usr/include + +( cd $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION + cp -a defaults/profile/mimeTypes.rdf defaults/profile/mimeTypes.rdf.orig + zcat $CWD/mimeTypes.rdf > defaults/profile/mimeTypes.rdf || exit 1 +) || exit 1 + +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/mozilla/plugins +mkdir -p $PKG/usr/share/applications +cat $CWD/mozilla-thunderbird.desktop > $PKG/usr/share/applications/mozilla-thunderbird.desktop +mkdir -p $PKG/usr/share/pixmaps +cat $CWD/thunderbird.png > $PKG/usr/share/pixmaps/thunderbird.png + +# These files/directories are usually created if Firefox is run as root, +# which on many systems might (and possibly should) be never. Therefore, if we +# don't see them we'll put stubs in place to prevent startup errors. +( cd $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION + if [ -d extensions/talkback\@mozilla.org ]; then + if [ ! -r extensions/talkback\@mozilla.org/chrome.manifest ]; then + echo > extensions/talkback\@mozilla.org/chrome.manifest + fi + fi + if [ ! -d updates ]; then + mkdir -p updates/0 + fi +) + +# Need some default icons in the right place: +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION/chrome/icons/default +install -m 644 other-licenses/branding/thunderbird/default16.png \ + $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION/icons/ +install -m 644 other-licenses/branding/thunderbird/default16.png \ + $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION/chrome/icons/default/ +( cd $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION + install -m 644 icons/{default,mozicon50}.xpm chrome/icons/default/ +) + +# Copy over the LICENSE +install -p -c -m 644 LICENSE $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION/ + +mkdir $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/mozilla-thunderbird-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/mozilla-thunderbird/mozilla-thunderbird.desktop b/patches/source/mozilla-thunderbird/mozilla-thunderbird.desktop new file mode 100644 index 00000000..0f85ecbe --- /dev/null +++ b/patches/source/mozilla-thunderbird/mozilla-thunderbird.desktop @@ -0,0 +1,84 @@ +[Desktop Entry] +Encoding=UTF-8 +Exec=thunderbird +Icon=/usr/share/pixmaps/thunderbird.png +Type=Application +Categories=Application;Network; +Name=Thunderbird +Name[bn]=থাণ্ডারবার্ড +Name[eo]=Mozilo Tondrobirdo +Name[fi]=Mozilla Thunderbird +Name[pa]=ਥੰਡਰਬਰਡ +Name[tg]=Паррандаи бало +GenericName=Mail Client +GenericName[af]=Pos Kliënt +GenericName[ar]=البريد الألكتروني +GenericName[az]=Poçt Alıcısı +GenericName[be]=Паштовы кліент +GenericName[bg]=Пощенски клиент +GenericName[bn]=ইমেইল ক্লায়েন্ট +GenericName[br]=Arval postel +GenericName[bs]=Program za čitanje elektronske pošte +GenericName[ca]=Client de correu electrònic +GenericName[cs]=Klient pro čtení elektronické pošty +GenericName[cy]=Dibynnydd Ebost +GenericName[da]=E-mail-klient +GenericName[de]=E-Mail-Programm +GenericName[el]=Πελάτης mail +GenericName[eo]=Legi kaj sendi retpoŝton +GenericName[es]=Cliente de correo electrónico +GenericName[et]=Meiliklient +GenericName[eu]=Posta bezeroa +GenericName[fa]=کارگیر پست الکترونیکی +GenericName[fi]=Sähköpostiohjelma +GenericName[fo]=Postforrit +GenericName[fr]=Logiciel de messagerie électronique +GenericName[ga]=Cliant Ríomhphoist +GenericName[gl]=Cliente de correo +GenericName[he]=תוכנית דואר +GenericName[hi]=डाकिया +GenericName[hr]=Program za čitanje elektronske pošte +GenericName[hu]=Levelezőprogram +GenericName[id]=Klien Mail +GenericName[is]=Póstforrit +GenericName[it]=Programma di posta elettronica +GenericName[ja]=メールクライアント +GenericName[ko]=편지를 주고 받는 프로그램 +GenericName[lo]=ໄຄແເອັນຈົດຫມາຍເອເລັກໂຕນິກ +GenericName[lt]=Pašto klientas +GenericName[lv]=Pasta Klients +GenericName[mk]=Програма за електронска пошта +GenericName[mn]=Э-Захиа-Програм +GenericName[mt]=Klijent tal-imejl +GenericName[nb]=E-postklient +GenericName[nds]=Mailprogramm +GenericName[nl]=E-mailclient +GenericName[nn]=Lesing og sending av e-post +GenericName[nso]=Moreki wa Poso +GenericName[oc]=Programari de correu electrònic +GenericName[pa]=ਪੱਤਰ ਕਲਾਂਇਟ +GenericName[pl]=Program do wysyłania i odbierania poczty elektronicznej +GenericName[pt]=Client de E-mail +GenericName[pt_BR]=Cliente de E-mail +GenericName[ro]=Program de poştă electronică +GenericName[ru]=Клиент электронной почты +GenericName[se]=Boastaprográmma +GenericName[sk]=Klient elektronickej pošty +GenericName[sl]=Program za e-pošto +GenericName[sr]=Програм за e-пошту +GenericName[sr@Latn]=Program za e-poštu +GenericName[ss]=Likhasimende leliposi +GenericName[sv]=E-postklient +GenericName[ta]=அஞ்சல் உறுப்பினர் +GenericName[tg]=Коргири почтаи эллектроникӣ +GenericName[th]=ไคลเอนต์จดหมายอิเล็กทรอนิกส์ +GenericName[tr]=Posta İstemcisi +GenericName[uk]=Клієнт електронної пошти +GenericName[uz]=Хат-хабар клиенти +GenericName[ven]=Mushumisani na poso +GenericName[wa]=Cliyint d' emilaedje +GenericName[xh]=Umxhasi Weposi +GenericName[zh_CN]=邮件程序 +GenericName[zh_TW]=郵件處理程式 +GenericName[zu]=Umxhasi weposi +X-KDE-StartupNotify=true diff --git a/patches/source/mozilla-thunderbird/slack-desc b/patches/source/mozilla-thunderbird/slack-desc new file mode 100644 index 00000000..353b2225 --- /dev/null +++ b/patches/source/mozilla-thunderbird/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +mozilla-thunderbird: mozilla-thunderbird (Mozilla Thunderbird mail application) +mozilla-thunderbird: +mozilla-thunderbird: Mozilla Thunderbird is a redesign of the Mozilla mail component +mozilla-thunderbird: written using the XUL user interface language. Thunderbird makes +mozilla-thunderbird: emailing safer, faster, and easier than ever before with the +mozilla-thunderbird: industry's best implementations of features such as intelligent spam +mozilla-thunderbird: filters, built-in RSS reader, quick search, and much more. +mozilla-thunderbird: +mozilla-thunderbird: Visit the Mozilla Thunderbird project online: +mozilla-thunderbird: http://www.mozilla.org/projects/thunderbird/ +mozilla-thunderbird: diff --git a/patches/source/mozilla-thunderbird/thunderbird.png b/patches/source/mozilla-thunderbird/thunderbird.png new file mode 100644 index 00000000..61a37d70 Binary files /dev/null and b/patches/source/mozilla-thunderbird/thunderbird.png differ diff --git a/patches/source/mysql/doinst.sh b/patches/source/mysql/doinst.sh new file mode 100644 index 00000000..22f77474 --- /dev/null +++ b/patches/source/mysql/doinst.sh @@ -0,0 +1,22 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +# Keep same perms on rc.mysqld.new: +if [ -e etc/rc.d/rc.mysqld ]; then + cp -a etc/rc.d/rc.mysqld etc/rc.d/rc.mysqld.new.incoming + cat etc/rc.d/rc.mysqld.new > etc/rc.d/rc.mysqld.new.incoming + mv etc/rc.d/rc.mysqld.new.incoming etc/rc.d/rc.mysqld.new +fi + +config etc/rc.d/rc.mysqld.new + diff --git a/patches/source/mysql/mirror-url b/patches/source/mysql/mirror-url new file mode 100644 index 00000000..885cd48e --- /dev/null +++ b/patches/source/mysql/mirror-url @@ -0,0 +1 @@ +ftp://mysql.llarian.net/pub/mysql/ diff --git a/patches/source/mysql/mysql-embedded.build b/patches/source/mysql/mysql-embedded.build new file mode 100755 index 00000000..2ac77f31 --- /dev/null +++ b/patches/source/mysql/mysql-embedded.build @@ -0,0 +1,64 @@ +#!/bin/sh +# Build and install MySQL on Slackware +# by: David Cantrell +# Currently maintained by: Patrick Volkerding + +VERSION=${VERSION:-$(echo mysql-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-mysql + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf mysql-$VERSION +tar xvf $CWD/mysql-$VERSION.tar.?z* || exit 1 +cd mysql-$VERSION + +if ls $CWD/*.diff.gz 1> /dev/null 2> /dev/null ; then + for patch in $CWD/*.diff.gz ; do + zcat $patch | patch -p1 --verbose || exit 1 + done +fi + +CFLAGS="$SLKCFLAGS -fPIC" CXXFLAGS="$SLKCFLAGS -fPIC" \ + ./configure --prefix=/usr --libdir=/usr/lib${LIBDIRSUFFIX} \ + --datadir=/usr/share --sysconfdir=/etc/mysql \ + --libexecdir=/usr/sbin --localstatedir=/var/lib/mysql \ + --without-docs --without-man --without-server \ + --with-embedded-server --without-innodb \ + --without-berkeley-db --without-row-based-replication \ + --without-readline --disable-shared --with-charset=utf8 \ + --without-debug --with-pthread --without-ssl --without-query-cache \ + --without-geometry --with-pic + +make -j6 || make || exit 1 + +cp libmysqld/libmysqld.a /usr/lib${LIBDIRSUFFIX}/mysql/ + diff --git a/patches/source/mysql/mysql.CVE-2014-0001.diff b/patches/source/mysql/mysql.CVE-2014-0001.diff new file mode 100644 index 00000000..01a845e8 --- /dev/null +++ b/patches/source/mysql/mysql.CVE-2014-0001.diff @@ -0,0 +1,11 @@ +--- ./client/mysql.cc.orig 2013-11-04 12:52:27.000000000 -0600 ++++ ./client/mysql.cc 2014-02-18 22:24:32.928195436 -0600 +@@ -1167,7 +1167,7 @@ + + put_info("Welcome to the MySQL monitor. Commands end with ; or \\g.", + INFO_INFO); +- sprintf((char*) glob_buffer.ptr(), ++ snprintf((char*) glob_buffer.ptr(), glob_buffer.alloced_length(), + "Your MySQL connection id is %lu\nServer version: %s\n", + mysql_thread_id(&mysql), server_version_string(&mysql)); + put_info((char*) glob_buffer.ptr(),INFO_INFO); diff --git a/patches/source/mysql/mysql.SlackBuild b/patches/source/mysql/mysql.SlackBuild new file mode 100755 index 00000000..ac9cb73f --- /dev/null +++ b/patches/source/mysql/mysql.SlackBuild @@ -0,0 +1,223 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# Build and install MySQL on Slackware +# by: David Cantrell +# Currently maintained by: Patrick Volkerding + + +VERSION=${VERSION:-$(echo mysql-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-mysql + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf mysql-$VERSION +tar xvf $CWD/mysql-$VERSION.tar.?z* || exit 1 +cd mysql-$VERSION + +if ls $CWD/*.diff.gz 1> /dev/null 2> /dev/null ; then + for patch in $CWD/*.diff.gz ; do + zcat $patch | patch -p1 --verbose || exit 1 + done +fi + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS -felide-constructors -fno-exceptions -fno-rtti" \ +CXX=gcc \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-mysqld-user=mysql \ + --with-unix-socket-path=/var/run/mysql/mysql.sock \ + --localstatedir=/var/lib/mysql \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --enable-assembler \ + --without-debug \ + --enable-thread-safe-client \ + --with-extra-charsets=complex \ + --with-ssl=/usr \ + --enable-largefile \ + --with-innodb \ + --with-readline \ + --build=$ARCH-slackware-linux +# +# --without-readline + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG + +# install additional headers needed for building external engine plugins +for i in sql include regex; do + for j in $i/*.h; do + install -m 644 $j $PKG/usr/include/mysql/ + done +done + +mkdir -p $PKG/usr/include/mysql/atomic +for i in include/atomic/*.h; do + install -m 644 $i $PKG/usr/include/mysql/atomic/ +done + +# The ./configure option to omit this has gone away, so we'll omit it +# the old-fashioned way. It's all in the source tarball if you need it. +rm -rf $PKG/usr/sql-bench + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Install support files +mkdir -p $PKG/etc +cp support-files/my-{huge,large,medium,small}.cnf $PKG/etc + +# Install docs +mkdir -p $PKG/usr/doc/mysql-$VERSION/Docs +cp -a \ + COPYING* EXCEPTIONS* INSTALL-SOURCE README* \ + $PKG/usr/doc/mysql-$VERSION +( cd Docs + # Seems most of the Docs/* are gone, but we'll leave the cp stuff + # in case it returns. + cp -a INSTALL-BINARY *.html *.txt Flags \ + $PKG/usr/doc/mysql-$VERSION/Docs ) +## Too large to justify since the .html version is right there: +#rm $PKG/usr/doc/mysql-$VERSION/Docs/manual.txt +find $PKG/usr/doc/mysql-$VERSION -type f -exec chmod 0644 {} \; + +# This is the directory where databases are stored +mkdir -p $PKG/var/lib/mysql +chown mysql.mysql $PKG/var/lib/mysql +chmod 0750 $PKG/var/lib/mysql + +# This is where the socket is stored +mkdir -p $PKG/var/run/mysql +chown mysql.mysql $PKG/var/run/mysql +chmod 0755 $PKG/var/run/mysql + +# Do not include the test suite: +rm -rf $PKG/usr/mysql-test + +# Add init script: +mkdir -p $PKG/etc/rc.d +# This is intentionally chmod 644. +zcat $CWD/rc.mysqld.gz > $PKG/etc/rc.d/rc.mysqld.new + +# Install script: +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Add some handy library symlinks: +if [ -r $PKG/usr/lib${LIBDIRSUFFIX}/mysql/libmysqlclient.so.16 ]; then + ( cd $PKG/usr/lib${LIBDIRSUFFIX} + rm -f libmysqlclient.so libmysqlclient.so.16 + ln -sf mysql/libmysqlclient.so . + ln -sf mysql/libmysqlclient.so.16 . + ) +else + exit 1 +fi +if [ -r $PKG/usr/lib${LIBDIRSUFFIX}/mysql/libmysqlclient_r.so.16 ]; then + ( cd $PKG/usr/lib${LIBDIRSUFFIX} + rm -f libmysqlclient_r.so libmysqlclient_r.so.16 + ln -sf mysql/libmysqlclient_r.so . + ln -sf mysql/libmysqlclient_r.so.16 . + ) +else + exit 1 +fi + +# Packaging standards: +rm -f $PKG/usr/info/dir + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Compress info files, if any: +if [ -d $PKG/usr/info ]; then + ( cd $PKG/usr/info + rm -f dir + gzip -9 * + ) +fi + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +# Build package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/mysql-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/mysql/mysql.openssl0.diff b/patches/source/mysql/mysql.openssl0.diff new file mode 100644 index 00000000..42885ee5 --- /dev/null +++ b/patches/source/mysql/mysql.openssl0.diff @@ -0,0 +1,13 @@ +--- mysql-5.5.31/vio/viossl.c~ 2013-03-25 14:14:58.000000000 +0100 ++++ mysql-5.5.31/vio/viossl.c 2013-04-18 16:58:38.552557538 +0200 +@@ -172,8 +172,10 @@ + SSL_SESSION_set_timeout(SSL_get_session(ssl), timeout); + SSL_set_fd(ssl, vio->sd); + #ifndef HAVE_YASSL ++#ifdef SSL_OP_NO_COMPRESSION + SSL_set_options(ssl, SSL_OP_NO_COMPRESSION); + #endif ++#endif + + if ((r= connect_accept_func(ssl)) < 1) + { diff --git a/patches/source/mysql/rc.mysqld b/patches/source/mysql/rc.mysqld new file mode 100644 index 00000000..300e6eb2 --- /dev/null +++ b/patches/source/mysql/rc.mysqld @@ -0,0 +1,86 @@ +#!/bin/sh +# Start/stop/restart mysqld. +# +# Copyright 2003 Patrick J. Volkerding, Concord, CA +# Copyright 2003 Slackware Linux, Inc., Concord, CA +# Copyright 2008 Patrick J. Volkerding, Sebeka, MN +# +# This program comes with NO WARRANTY, to the extent permitted by law. +# You may redistribute copies of this program under the terms of the +# GNU General Public License. + +# To start MySQL automatically at boot, be sure this script is executable: +# chmod 755 /etc/rc.d/rc.mysqld + +# Before you can run MySQL, you must have a database. To install an initial +# database, do this as root: +# +# mysql_install_db --user=mysql +# +# Note that the mysql user must exist in /etc/passwd, and the created files +# will be owned by this dedicated user. This is important, or else mysql +# (which runs as user "mysql") will not be able to write to the database +# later (this can be fixed with 'chown -R mysql.mysql /var/lib/mysql'). +# +# To increase system security, consider using "mysql_secure_installation" +# as well. For more information on this tool, please read: +# man mysql_secure_installation + +# To allow outside connections to the database comment out the next line. +# If you don't need incoming network connections, then leave the line +# uncommented to improve system security. +SKIP="--skip-networking" + +# Start mysqld: +mysqld_start() { + if [ -x /usr/bin/mysqld_safe ]; then + # If there is an old PID file (no mysqld running), clean it up: + if [ -r /var/run/mysql/mysql.pid ]; then + if ! ps axc | grep mysqld 1> /dev/null 2> /dev/null ; then + echo "Cleaning up old /var/run/mysql/mysql.pid." + rm -f /var/run/mysql/mysql.pid + fi + fi + /usr/bin/mysqld_safe --datadir=/var/lib/mysql --pid-file=/var/run/mysql/mysql.pid $SKIP & + fi +} + +# Stop mysqld: +mysqld_stop() { + # If there is no PID file, ignore this request... + if [ -r /var/run/mysql/mysql.pid ]; then + killall mysqld + # Wait at least one minute for it to exit, as we don't know how big the DB is... + for second in 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 \ + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 60 ; do + if [ ! -r /var/run/mysql/mysql.pid ]; then + break; + fi + sleep 1 + done + if [ "$second" = "60" ]; then + echo "WARNING: Gave up waiting for mysqld to exit!" + sleep 15 + fi + fi +} + +# Restart mysqld: +mysqld_restart() { + mysqld_stop + mysqld_start +} + +case "$1" in +'start') + mysqld_start + ;; +'stop') + mysqld_stop + ;; +'restart') + mysqld_restart + ;; +*) + echo "usage $0 start|stop|restart" +esac diff --git a/patches/source/mysql/slack-desc b/patches/source/mysql/slack-desc new file mode 100644 index 00000000..29e1b8be --- /dev/null +++ b/patches/source/mysql/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +mysql: mysql (SQL-based relational database server) +mysql: +mysql: MySQL is a fast, multi-threaded, multi-user, and robust SQL +mysql: (Structured Query Language) database server. It comes with a nice API +mysql: which makes it easy to integrate into other applications. +mysql: +mysql: The home page for MySQL is http://www.mysql.com/ +mysql: +mysql: +mysql: +mysql: diff --git a/patches/source/ntp/doinst.sh b/patches/source/ntp/doinst.sh new file mode 100644 index 00000000..bc542990 --- /dev/null +++ b/patches/source/ntp/doinst.sh @@ -0,0 +1,28 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +preserve_perms() { + NEW="$1" + OLD="$(dirname ${NEW})/$(basename ${NEW} .new)" + if [ -e ${OLD} ]; then + cp -a ${OLD} ${NEW}.incoming + cat ${NEW} > ${NEW}.incoming + mv ${NEW}.incoming ${NEW} + fi + config ${NEW} +} + +config etc/ntp.conf.new +config etc/ntp/ntp.keys.new +if [ -r etc/rc.d/rc.ntpd -a -r etc/rc.d/rc.ntpd.new ]; then + chmod --reference=etc/rc.d/rc.ntpd etc/rc.d/rc.ntpd.new +fi +mv etc/rc.d/rc.ntpd.new etc/rc.d/rc.ntpd diff --git a/patches/source/ntp/ntp.SlackBuild b/patches/source/ntp/ntp.SlackBuild new file mode 100755 index 00000000..fef8d125 --- /dev/null +++ b/patches/source/ntp/ntp.SlackBuild @@ -0,0 +1,158 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012, 2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=ntp +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-ntp + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf ntp-${VERSION}* +tar xvf $CWD/ntp-${VERSION}*.tar.?z* || exit 1 +cd ntp-${VERSION}* || exit 1 + +zcat $CWD/ntp.nano.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 2777 -o -perm 2755 -o -perm 2775 \) \ + -exec chmod u+rwx,g-sw,g+rx,o-w,o+rx {} \; -o \ + \( -perm 777 -o -perm 775 -o -perm 774 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod u+rwx,g-sw,g+rx,o-w,o+rx {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --bindir=/usr/sbin \ + --sbindir=/usr/sbin \ + --mandir=/usr/man \ + --docdir=/usr/doc/ntp-$VERSION \ + --htmldir=/usr/doc/ntp-$VERSION \ + --enable-ipv6 \ + --with-crypto \ + --program-prefix= \ + --program-suffix= \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make -i install DESTDIR=$PKG || exit 1 + +# Since the Makefile's install pays no heed to the --bindir settings, +# we'll move things to where they've always been ourselves: +mv $PKG/usr/bin/* $PKG/usr/sbin +rmdir $PKG/usr/bin + +# This might only be an empty directory: +rmdir $PKG/usr/lib/pkgconfig + +# This should be empty. Try to remove it, and error out if it's not actually empty: +rmdir $PKG/usr/libexec || exit 1 + +mkdir -p $PKG/etc/ntp +cat $CWD/ntp.conf > $PKG/etc/ntp.conf.new +cat $CWD/ntp.keys > $PKG/etc/ntp/ntp.keys.new +chmod 600 $PKG/etc/ntp/ntp.keys.new +touch $PKG/etc/ntp/step-tickers + +mkdir -p $PKG/etc/rc.d +cat $CWD/rc.ntpd > $PKG/etc/rc.d/rc.ntpd.new + +mv $PKG/usr/doc/ntp-$VERSION/*.html $PKG/usr/doc/ntp-$VERSION/html || exit 1 +cp -a \ + COPYRIGHT NEWS README* TODO WHERE-TO-START \ + *.y2kfixes clockstuff conf scripts \ + $PKG/usr/doc/ntp-$VERSION +mkdir $PKG/usr/doc/ntp-$VERSION/util +cp -a util/README $PKG/usr/doc/ntp-$VERSION/util +mkdir $PKG/usr/doc/ntp-$VERSION/ntpdate +cp -a ntpdate/README $PKG/usr/doc/ntp-$VERSION/ntpdate +( cd $PKG/usr/doc/ntp-$VERSION + find . -name ".deps*" -exec rm -rf "{}" \; 2> /dev/null +) + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +# Strip binaries: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/ntp-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/ntp/ntp.conf b/patches/source/ntp/ntp.conf new file mode 100644 index 00000000..1844fb91 --- /dev/null +++ b/patches/source/ntp/ntp.conf @@ -0,0 +1,72 @@ +# Sample /etc/ntp.conf: Configuration file for ntpd. +# +# Undisciplined Local Clock. This is a fake driver intended for backup +# and when no outside source of synchronized time is available. The +# default stratum is usually 3, but in this case we elect to use stratum +# 0. Since the server line does not have the prefer keyword, this driver +# is never used for synchronization, unless no other other +# synchronization source is available. In case the local host is +# controlled by some external source, such as an external oscillator or +# another protocol, the prefer keyword would cause the local host to +# disregard all other synchronization sources, unless the kernel +# modifications are in use and declare an unsynchronized condition. +# +server 127.127.1.0 # local clock +fudge 127.127.1.0 stratum 10 + +# +# NTP server (list one or more) to synchronize with: +#server 0.pool.ntp.org iburst +#server 1.pool.ntp.org iburst +#server 2.pool.ntp.org iburst +#server 3.pool.ntp.org iburst + +# +# Drift file. Put this in a directory which the daemon can write to. +# No symbolic links allowed, either, since the daemon updates the file +# by creating a temporary in the same directory and then rename()'ing +# it to the file. +# +driftfile /etc/ntp/drift + +# +# Uncomment to use a multicast NTP server on the local subnet: +#multicastclient 224.0.1.1 # listen on default 224.0.1.1 +# Set an optional compensation for broadcast packet delay: +#broadcastdelay 0.008 + +# +# Keys file. If you want to diddle your server at run time, make a +# keys file (mode 600 for sure) and define the key number to be +# used for making requests. +# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote +# systems might be able to reset your clock at will. +# +#keys /etc/ntp/keys +#trustedkey 65535 +#requestkey 65535 +#controlkey 65535 + +# +# Don't serve time or stats to anyone else by default (more secure) +restrict default limited kod nomodify notrap nopeer noquery +restrict -6 default limited kod nomodify notrap nopeer noquery + +# +# Use these lines instead if you do want to serve time and stats to +# other machines on the network: +#restrict default limited kod nomodify notrap nopeer +#restrict -6 default limited kod nomodify notrap nopeer + +# +# Disable the ntpdc -c monlist command, which is insecure and can be used +# to cause a denial of service attack (CVE-2013-5211). Future versions of +# NTP will remove this command. +# (this feature was disabled by default with ntpd 4.2.7p230) +disable monitor + +# +# Trust ourselves. :-) +restrict 127.0.0.1 +restrict ::1 + diff --git a/patches/source/ntp/ntp.keys b/patches/source/ntp/ntp.keys new file mode 100644 index 00000000..1c3fbd2c --- /dev/null +++ b/patches/source/ntp/ntp.keys @@ -0,0 +1,2 @@ +65535 M akey +1 M pass diff --git a/patches/source/ntp/ntp.nano.diff b/patches/source/ntp/ntp.nano.diff new file mode 100644 index 00000000..0ff361ce --- /dev/null +++ b/patches/source/ntp/ntp.nano.diff @@ -0,0 +1,17 @@ +--- ./include/ntp_syscall.h.orig 2009-12-09 01:36:37.000000000 -0600 ++++ ./include/ntp_syscall.h 2010-04-21 23:38:30.000000000 -0500 +@@ -14,6 +14,14 @@ + # include + #endif + ++#if defined(ADJ_NANO) && !defined(MOD_NANO) ++#define MOD_NANO ADJ_NANO ++#endif ++ ++#if defined(ADJ_TAI) && !defined(MOD_TAI) ++#define MOD_TAI ADJ_TAI ++#endif ++ + #ifndef NTP_SYSCALLS_LIBC + #ifdef NTP_SYSCALLS_STD + # define ntp_adjtime(t) syscall(SYS_ntp_adjtime, (t)) diff --git a/patches/source/ntp/rc.ntpd b/patches/source/ntp/rc.ntpd new file mode 100644 index 00000000..c1d1411c --- /dev/null +++ b/patches/source/ntp/rc.ntpd @@ -0,0 +1,71 @@ +#!/bin/sh +# Start/stop/restart ntpd. + +# Start ntpd: +ntpd_start() { + CMDLINE="/usr/sbin/ntpd -g" + echo -n "Starting NTP daemon: $CMDLINE" + $CMDLINE -p /var/run/ntpd.pid + echo + # The kernel is now mocking around with the the hardware clock if + # ntpd is running, so if the hardware clock (wall clock) is set to + # 'localtime' execute hwclock --localtime --systohc to disable the + # 11 minute mode kernel function: + if [ -x /sbin/hwclock ]; then + # Check for a broken motherboard RTC clock (where ioports for rtc are + # unknown) to prevent hwclock causing a hang: + if ! grep -q -w rtc /proc/ioports ; then + CLOCK_OPT="--directisa" + fi + if ! grep -q "^UTC" /etc/hardwareclock 2> /dev/null ; then + echo "Saving system time to the hardware clock (localtime)." + /sbin/hwclock $CLOCK_OPT --localtime --systohc + fi + fi +} + +# Stop ntpd: +ntpd_stop() { + echo -n "Stopping NTP daemon..." + if [ -r /var/run/ntpd.pid ]; then + kill -HUP $(cat /var/run/ntpd.pid) + rm -f /var/run/ntpd.pid + else + killall -HUP -q ntpd + fi + echo +} + +# Restart ntpd: +ntpd_restart() { + ntpd_stop + sleep 1 + ntpd_start +} + +# Check if ntpd is running +ntpd_status() { + if [ -e /var/run/ntpd.pid ]; then + echo "ntpd is running." + else + echo "ntpd is stopped." + exit 1 + fi +} + +case "$1" in +'start') + ntpd_start + ;; +'stop') + ntpd_stop + ;; +'restart') + ntpd_restart + ;; +'status') + ntpd_status + ;; +*) + echo "usage $0 start|stop|restart|status" +esac diff --git a/patches/source/ntp/slack-desc b/patches/source/ntp/slack-desc new file mode 100644 index 00000000..6319e888 --- /dev/null +++ b/patches/source/ntp/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +ntp: ntp (Network Time Protocol daemon) +ntp: +ntp: The Network Time Protocol (NTP) is used to synchronize the time of a +ntp: computer client or server to another server or reference time source, +ntp: such as a radio or satellite receiver or modem. It provides client +ntp: accuracies typically within a millisecond on LANs and up to a few tens +ntp: of milliseconds on WANs relative to a primary server synchronized to +ntp: Coordinated Universal Time (UTC) via a Global Positioning Service +ntp: (GPS) receiver, for example. +ntp: +ntp: diff --git a/patches/source/openssh/doinst.sh b/patches/source/openssh/doinst.sh new file mode 100644 index 00000000..73ce6283 --- /dev/null +++ b/patches/source/openssh/doinst.sh @@ -0,0 +1,49 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +preserve_perms() { + NEW="$1" + OLD="$(dirname ${NEW})/$(basename ${NEW} .new)" + if [ -e ${OLD} ]; then + cp -a ${OLD} ${NEW}.incoming + cat ${NEW} > ${NEW}.incoming + touch -r ${NEW} ${NEW}.incoming + mv ${NEW}.incoming ${NEW} + fi + config ${NEW} +} + +config etc/ssh/ssh_config.new +config etc/ssh/sshd_config.new +preserve_perms etc/rc.d/rc.sshd.new +if [ -e etc/rc.d/rc.sshd.new ]; then + mv etc/rc.d/rc.sshd.new etc/rc.d/rc.sshd +fi + +# If the sshd user/group/shadow don't exist, add them: + +if ! grep -q "^sshd:" etc/passwd ; then + echo "sshd:x:33:33:sshd:/:" >> etc/passwd +fi + +if ! grep -q "^sshd:" etc/group ; then + echo "sshd::33:sshd" >> etc/group +fi + +if ! grep -q "^sshd:" etc/shadow ; then + echo "sshd:*:9797:0:::::" >> etc/shadow +fi + +# Add a btmp file to store login failure if one doesn't exist: +if [ ! -r var/log/btmp ]; then + ( cd var/log ; umask 077 ; touch btmp ) +fi + diff --git a/patches/source/openssh/openssh-7.4p1-libwrap.diff b/patches/source/openssh/openssh-7.4p1-libwrap.diff new file mode 100644 index 00000000..d1025e43 --- /dev/null +++ b/patches/source/openssh/openssh-7.4p1-libwrap.diff @@ -0,0 +1,137 @@ +--- ./configure.ac.orig 2016-12-18 22:59:41.000000000 -0600 ++++ ./configure.ac 2016-12-23 12:58:04.200707728 -0600 +@@ -1467,6 +1467,62 @@ + ] + ) + ++# Check whether user wants TCP wrappers support ++TCPW_MSG="no" ++AC_ARG_WITH([tcp-wrappers], ++ [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)], ++ [ ++ if test "x$withval" != "xno" ; then ++ saved_LIBS="$LIBS" ++ saved_LDFLAGS="$LDFLAGS" ++ saved_CPPFLAGS="$CPPFLAGS" ++ if test -n "${withval}" && \ ++ test "x${withval}" != "xyes"; then ++ if test -d "${withval}/lib"; then ++ if test -n "${need_dash_r}"; then ++ LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" ++ else ++ LDFLAGS="-L${withval}/lib ${LDFLAGS}" ++ fi ++ else ++ if test -n "${need_dash_r}"; then ++ LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" ++ else ++ LDFLAGS="-L${withval} ${LDFLAGS}" ++ fi ++ fi ++ if test -d "${withval}/include"; then ++ CPPFLAGS="-I${withval}/include ${CPPFLAGS}" ++ else ++ CPPFLAGS="-I${withval} ${CPPFLAGS}" ++ fi ++ fi ++ LIBS="-lwrap -lnsl $LIBS" ++ AC_MSG_CHECKING([for libwrap]) ++ AC_LINK_IFELSE([AC_LANG_PROGRAM([[ ++#include ++#include ++#include ++#include ++int deny_severity = 0, allow_severity = 0; ++ ]], [[ ++ hosts_access(0); ++ ]])], [ ++ AC_MSG_RESULT([yes]) ++ AC_DEFINE([LIBWRAP], [1], ++ [Define if you want ++ TCP Wrappers support]) ++ SSHDLIBS="$SSHDLIBS -lwrap -lnsl" ++ TCPW_MSG="yes" ++ ], [ ++ AC_MSG_ERROR([*** libwrap missing]) ++ ++ ]) ++ LIBS="$saved_LIBS" ++ fi ++ ] ++) ++ + # Check whether user wants to use ldns + LDNS_MSG="no" + AC_ARG_WITH(ldns, +@@ -5081,6 +5137,7 @@ + echo " SELinux support: $SELINUX_MSG" + echo " Smartcard support: $SCARD_MSG" + echo " S/KEY support: $SKEY_MSG" ++echo " TCP Wrappers support: $TCPW_MSG" + echo " MD5 password support: $MD5_MSG" + echo " libedit support: $LIBEDIT_MSG" + echo " Solaris process contract support: $SPC_MSG" +--- ./sshd.c.orig 2016-12-18 22:59:41.000000000 -0600 ++++ ./sshd.c 2016-12-23 12:58:40.847710372 -0600 +@@ -123,6 +123,13 @@ + #include "version.h" + #include "ssherr.h" + ++#ifdef LIBWRAP ++#include ++#include ++int allow_severity; ++int deny_severity; ++#endif /* LIBWRAP */ ++ + /* Re-exec fds */ + #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) + #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) +@@ -1971,6 +1978,24 @@ + #ifdef SSH_AUDIT_EVENTS + audit_connection_from(remote_ip, remote_port); + #endif ++#ifdef LIBWRAP ++ allow_severity = options.log_facility|LOG_INFO; ++ deny_severity = options.log_facility|LOG_WARNING; ++ /* Check whether logins are denied from this host. */ ++ if (packet_connection_is_on_socket()) { ++ struct request_info req; ++ ++ request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0); ++ fromhost(&req); ++ ++ if (!hosts_access(&req)) { ++ debug("Connection refused by tcp wrapper"); ++ refuse(&req); ++ /* NOTREACHED */ ++ fatal("libwrap refuse returns"); ++ } ++ } ++#endif /* LIBWRAP */ + + /* Log the connection. */ + laddr = get_local_ipaddr(sock_in); +--- ./sshd.8.orig 2016-12-18 22:59:41.000000000 -0600 ++++ ./sshd.8 2016-12-23 12:58:04.208707729 -0600 +@@ -825,6 +825,12 @@ + This file should be writable only by the user, and need not be + readable by anyone else. + .Pp ++.It Pa /etc/hosts.allow ++.It Pa /etc/hosts.deny ++Access controls that should be enforced by tcp-wrappers are defined here. ++Further details are described in ++.Xr hosts_access 5 . ++.Pp + .It Pa /etc/hosts.equiv + This file is for host-based authentication (see + .Xr ssh 1 ) . +@@ -929,6 +935,7 @@ + .Xr ssh-keygen 1 , + .Xr ssh-keyscan 1 , + .Xr chroot 2 , ++.Xr hosts_access 5 , + .Xr login.conf 5 , + .Xr moduli 5 , + .Xr sshd_config 5 , diff --git a/patches/source/openssh/openssh.CVE-2017-15906.patch b/patches/source/openssh/openssh.CVE-2017-15906.patch new file mode 100644 index 00000000..fdb963f7 --- /dev/null +++ b/patches/source/openssh/openssh.CVE-2017-15906.patch @@ -0,0 +1,19 @@ +--- ./sftp-server.c.orig 2016-12-18 22:59:41.000000000 -0600 ++++ ./sftp-server.c 2018-03-07 19:18:19.275984210 -0600 +@@ -1,4 +1,4 @@ +-/* $OpenBSD: sftp-server.c,v 1.110 2016/09/12 01:22:38 deraadt Exp $ */ ++/* $OpenBSD: sftp-server.c,v 1.111 2017/04/04 00:24:56 djm Exp $ */ + /* + * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. + * +@@ -691,8 +691,8 @@ + logit("open \"%s\" flags %s mode 0%o", + name, string_from_portable(pflags), mode); + if (readonly && +- ((flags & O_ACCMODE) == O_WRONLY || +- (flags & O_ACCMODE) == O_RDWR)) { ++ ((flags & O_ACCMODE) != O_RDONLY || ++ (flags & (O_CREAT|O_TRUNC)) != 0)) { + verbose("Refusing open request in read-only mode"); + status = SSH2_FX_PERMISSION_DENIED; + } else { diff --git a/patches/source/openssh/openssh.SlackBuild b/patches/source/openssh/openssh.SlackBuild new file mode 100755 index 00000000..7d673e3d --- /dev/null +++ b/patches/source/openssh/openssh.SlackBuild @@ -0,0 +1,169 @@ +#!/bin/sh + +# Copyright 2000 BSDi, Inc. Concord, CA, USA +# Copyright 2001, 2002, 2003, 2004 Slackware Linux, Inc. Concord, CA, USA +# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-openssh + +VERSION=${VERSION:-$(echo openssh-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +NUMJOBS=${NUMJOBS:--j6} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +elif [ "$ARCH" = "arm" ]; then + SLKCFLAGS="-O2 -march=armv4 -mtune=xscale" +elif [ "$ARCH" = "armel" ]; then + SLKCFLAGS="-O2 -march=armv4t" +else + SLKCFLAGS="-O2" +fi + +# Clean target location: +rm -rf $PKG +mkdir -p $PKG + +# Prepare the framework and extract the package: +cd $TMP +rm -rf $PKG openssh-$VERSION +tar xvf $CWD/openssh-$VERSION.tar.gz || tar xvf $CWD/openssh-$VERSION.tar.?z* || exit 1 +cd openssh-$VERSION +chown -R root:root . + +zcat $CWD/openssh.CVE-2017-15906.patch.gz | patch -p1 --verbose || exit 1 + +# Restore support for tcpwrappers: +zcat $CWD/openssh-7.4p1-libwrap.diff.gz | patch -p1 --verbose || exit 1 +autoreconf -vif + +# Compile package: +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --mandir=/usr/man \ + --sysconfdir=/etc/ssh \ + --without-pam \ + --with-md5-passwords \ + --with-tcp-wrappers \ + --with-default-path=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin \ + --with-privsep-path=/var/empty \ + --with-privsep-user=sshd \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 + +# Install the package: +make install DESTDIR=$PKG + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Install directory used with PrivilegeSeparation option: +mkdir -p $PKG/var/empty +chmod 755 $PKG/var/empty + +# Install docs: +mkdir -p $PKG/usr/doc/openssh-$VERSION +cp -a \ + CREDITS ChangeLog INSTALL LICENCE OVERVIEW \ + README README.privsep README.smartcard RFC.nroff TODO WARNING.RNG \ + $PKG/usr/doc/openssh-$VERSION +chmod 644 $PKG/usr/doc/openssh-$VERSION/* + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +# Install also 'ssh-copy-id' and its manpage from contrib: +( cd contrib + cp -a ssh-copy-id $PKG/usr/bin/ssh-copy-id + chmod 755 $PKG/usr/bin/ssh-copy-id + cat ssh-copy-id.1 | gzip -9c > $PKG/usr/man/man1/ssh-copy-id.1.gz +) + +( cd $PKG + + # Ditch the new host keys, since these have to be uniquely prepared on each machine: + rm -f etc/ssh/ssh_host_dsa_key + rm -f etc/ssh/ssh_host_dsa_key.pub + rm -f etc/ssh/ssh_host_rsa_key + rm -f etc/ssh/ssh_host_rsa_key.pub + rm -f etc/ssh/ssh_host_key + rm -f etc/ssh/ssh_host_key.pub + + # Set up the config script installation: + mv etc/ssh/ssh_config etc/ssh/ssh_config.new + mv etc/ssh/sshd_config etc/ssh/sshd_config.new + + # Add the init script: + mkdir -p etc/rc.d + cat $CWD/rc.sshd > etc/rc.d/rc.sshd.new + chmod 755 etc/rc.d/rc.sshd.new + + # Copy runtime installation files: + mkdir -p install + zcat $CWD/doinst.sh.gz > install/doinst.sh + cat $CWD/slack-desc > install/slack-desc +) + +# Create the package itself: +cd $PKG +/sbin/makepkg -l y -c n $TMP/openssh-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/openssh/rc.sshd b/patches/source/openssh/rc.sshd new file mode 100644 index 00000000..2da2ab30 --- /dev/null +++ b/patches/source/openssh/rc.sshd @@ -0,0 +1,59 @@ +#!/bin/sh +# Start/stop/restart the secure shell server: + +sshd_start() { + # Create host keys if needed. + if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then + /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' + fi + if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then + /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' + fi + if [ ! -f /etc/ssh/ssh_host_ecdsa_key ]; then + /usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' + fi + if [ ! -f /etc/ssh/ssh_host_ed25519_key ]; then + /usr/bin/ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N '' + fi + # Catch any new host key types not yet created above: + /usr/bin/ssh-keygen -A + # Start the sshd daemon: + /usr/sbin/sshd +} + +sshd_stop() { + killall sshd +} + +sshd_restart() { + if [ -r /var/run/sshd.pid ]; then + echo "WARNING: killing listener process only. To kill every sshd process, you must" + echo " use 'rc.sshd stop'. 'rc.sshd restart' kills only the parent sshd to" + echo " allow an admin logged in through sshd to use 'rc.sshd restart' without" + echo " being cut off. If sshd has been upgraded, new connections will now" + echo " use the new version, which should be a safe enough approach." + kill `cat /var/run/sshd.pid` + else + echo "WARNING: There does not appear to be a parent instance of sshd running." + echo " If you really want to kill all running instances of sshd (including" + echo " any sessions currently in use), run '/etc/rc.d/rc.sshd stop' instead." + exit 1 + fi + sleep 1 + sshd_start +} + +case "$1" in +'start') + sshd_start + ;; +'stop') + sshd_stop + ;; +'restart') + sshd_restart + ;; +*) + echo "usage $0 start|stop|restart" +esac + diff --git a/patches/source/openssh/slack-desc b/patches/source/openssh/slack-desc new file mode 100644 index 00000000..04277a72 --- /dev/null +++ b/patches/source/openssh/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +openssh: openssh (Secure Shell daemon and clients) +openssh: +openssh: ssh (Secure Shell) is a program for logging into a remote machine and +openssh: for executing commands on a remote machine. It is intended to replace +openssh: rlogin and rsh, and provide secure encrypted communications between +openssh: two untrusted hosts over an insecure network. sshd (SSH Daemon) is +openssh: the daemon program for ssh. OpenSSH is based on the last free version +openssh: of Tatu Ylonen's SSH, further enhanced and cleaned up by Aaron +openssh: Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt, and +openssh: Dug Song. It has a homepage at http://www.openssh.com/ +openssh: diff --git a/patches/source/openssl/certwatch b/patches/source/openssl/certwatch new file mode 100644 index 00000000..d52dc3dc --- /dev/null +++ b/patches/source/openssl/certwatch @@ -0,0 +1,130 @@ +#!/bin/sh +# +# Will check all certificates stored in $CERTDIR for their expiration date, +# and will display (if optional "stdout" argument is given), or mail a warning +# message to $MAILADDR (if script is executed without any parameter +# - unattended mode suitable for cron execution) for each particular certificate +# that is about to expire in time less to, or equal to $DAYS after this script +# has been executed, or if it has already expired. +# This stupid script (C) 2006,2007 Jan Rafaj + +########################## CONFIGURATION SECTION BEGIN ######################### +# Note: all settings are mandatory +# Warning will be sent if a certificate expires in time <= days given here +DAYS=7 +# E-mail address where to send warnings +MAILADDR=root +# Directory with certificates to check +CERTDIR=/etc/ssl/certs +# Directory where to keep state files if this script isnt executed with "stdout" +STATEDIR=/var/run +########################### CONFIGURATION SECTION END ########################## + +PATH=/bin:/usr/bin:/sbin:/usr/sbin +DAY_IN_SECS=$((60*60*24)) +DATE_CURRENT=$(date '+%s') + +usage() +{ + echo "Usage: $0 [stdout]" + echo + echo "Detailed description and configuration is embedded within the script." + exit 0 +} + +message() +{ + cat << EOF + WARNING: certificate $certfile + is about to expire in time equal to or less than $DAYS days from now on, + or has already expired - it might be a good idea to obtain/create new one. + +EOF +} + +message_mail() +{ + message + cat << EOF + NOTE: This message is being sent only once. + + A lock-file + $STATEDIR/certwatch-mailwarning-sent-$certfilebase + has been created, which will prevent this script from mailing you again + upon its subsequent executions by crond. You dont need to care about it; + the file will be auto-deleted as soon as you'll prolong your certificate. +EOF +} + +unset stdout +case $# in + 0) ;; + 1) if [ "$1" = "-h" -o "$1" == "--help" ]; then + usage + elif [ "$1" = "stdout" ]; then + stdout=1 + else + usage + fi + ;; + *) usage ;; +esac + +for dir in $STATEDIR $CERTDIR ; do + if [ ! -d $dir ]; then + echo "ERROR: directory $dir does not exist" + exit 1 + fi +done +for binary in basename date find grep mail openssl touch ; do + if [ ! \( -x /usr/bin/$binary -o -x /bin/$binary \) ]; then + echo "ERROR: /usr/bin/$binary not found" + exit 1 + fi +done + +find $CERTDIR -type f -maxdepth 1 | while read certfile ; do + if [ "$certfile" != "/etc/ssl/certs/ca-certificates.crt" ]; then + certfilebase="$(basename "$certfile")" + inform=PEM + echo "$certfile" | grep -q -i '\.net$' + if [ $? -eq 0 ]; then + # This is based purely on filename extension, so may give false results. + # But lets assume noone uses NET format certs today, ok? + continue + fi + echo "$certfile" | grep -q -i '\.der$' + if [ $? -eq 0 -o "$(file "$certfile" | egrep '(ASCII|PEM)')" == "" ]; then + inform=DER + fi + # We wont use '-checkend' since it is not properly documented (as of + # OpenSSL 0.9.8e). + DATE_CERT_EXPIRES=$(openssl x509 -in "$certfile" -inform $inform -noout -enddate | sed 's/^notAfter=//') + DATE_CERT_EXPIRES=$(date -d"$DATE_CERT_EXPIRES" +%s) + if [ $(($DATE_CERT_EXPIRES - $DATE_CURRENT)) -le $(($DAYS * $DAY_IN_SECS)) ] + then + if [ $stdout ]; then + message + else + if [ ! -f $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" ]; then + subject="$0: certificate $certfile expiration warning" + message_mail | mail -r "certwatch@$HOSTNAME" \ + -s "$subject" \ + $MAILADDR 2>/dev/null + # echo "Mail about expiring certificate $certfile sent to $MAILADDR." + # echo "If you need to send it again, please remove lock-file" + # echo "$STATEDIR/certwatch-mailwarning-sent-$certfilebase ." + # echo + fi + touch $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" + fi + else + if [ ! $stdout ]; then + if [ -f $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" ]; then + rm $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" + fi + fi + fi + fi +done + diff --git a/patches/source/openssl/doinst.sh-openssl b/patches/source/openssl/doinst.sh-openssl new file mode 100644 index 00000000..f73c5a51 --- /dev/null +++ b/patches/source/openssl/doinst.sh-openssl @@ -0,0 +1,15 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/ssl/openssl.cnf.new +config etc/cron.daily/certwatch.new +# If the admin has modified this in any way, no need to keep the sample. +rm -f etc/cron.daily/certwatch.new diff --git a/patches/source/openssl/doinst.sh-openssl-solibs b/patches/source/openssl/doinst.sh-openssl-solibs new file mode 100644 index 00000000..ed4fdfac --- /dev/null +++ b/patches/source/openssl/doinst.sh-openssl-solibs @@ -0,0 +1,12 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/ssl/openssl.cnf.new diff --git a/patches/source/openssl/openssl.SlackBuild b/patches/source/openssl/openssl.SlackBuild new file mode 100755 index 00000000..751873d7 --- /dev/null +++ b/patches/source/openssl/openssl.SlackBuild @@ -0,0 +1,199 @@ +#!/bin/sh + +# Copyright 2000 BSDi, Inc. Concord, CA, USA +# Copyright 2001, 2002 Slackware Linux, Inc. Concord, CA, USA +# Copyright 2005, 2006, 2007, 2008, 2009, 2010, 2012, 2016 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +VERSION=${VERSION:-$(echo openssl-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +PKG1=$TMP/package-openssl +PKG2=$TMP/package-ossllibs +NAME1=openssl-$VERSION-$ARCH-$BUILD +NAME2=openssl-solibs-$VERSION-$ARCH-$BUILD + +NUMJOBS=${NUMJOBS:--j6} + +# So that ls has the right field counts for parsing... +export LC_ALL=C + +cd $TMP +rm -rf $PKG1 $PKG2 openssl-$VERSION +tar xvf $CWD/openssl-$VERSION.tar.gz || exit 1 +cd openssl-$VERSION + +# Use .so.0, not .so.0.9.8: +zcat $CWD/openssl.soname.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit 1 +if [ "$ARCH" = "i486" ]; then + # Build with -march=i486 -mtune=i686: + zcat $CWD/openssl.optsx86.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit 1 + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +fi + +# Mitigate DROWN: +zcat $CWD/openssl.no.weak.sslv2.ciphers.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/openssl.no.weak.sslv3.ciphers.diff.gz | patch -p1 --verbose || exit 1 + +# OpenSSL has a (nasty?) habit of bumping the internal version number with +# every release. This wouldn't be so bad, but some applications are so +# paranoid that they won't run against a different OpenSSL version than +# what they were compiled against, whether or not the ABI has changed. +# +# So, we will use the OPENSSL_VERSION_NUMBER from openssl-0.9.8o unless ABI +# breakage forces it to change. Yes, we're finally using this old trick. :) +sed -i "s/#define OPENSSL_VERSION_NUMBER.*/\/* Use 0x009080efL (0.9.8o) below to avoid pointlessly breaking the ABI *\/\n#define OPENSSL_VERSION_NUMBER 0x009080efL/g" crypto/opensslv.h || exit 1 + +chown -R root:root . +mkdir -p $PKG1/usr/doc/openssl-$VERSION +cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \ + LICENSE NEWS README README.ENGINE doc $PKG1/usr/doc/openssl-$VERSION +find $PKG1/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \; +find $PKG1/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \; + +# If there's a CHANGES file, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG1/usr/doc/*-$VERSION) + cat CHANGES | head -n 2000 > $DOCSDIR/CHANGES + touch -r CHANGES $DOCSDIR/CHANGES +fi + +# These are the known patent issues with OpenSSL: +# name # expires +# MDC-2: 4,908,861 2007-03-13, included. :-) +# IDEA: 5,214,703 2010-05-25, not included. +# RC5: 5,724,428 2015-03-03, not included. + +./config \ + --prefix=/usr \ + --openssldir=/etc/ssl \ + no-idea \ + no-rc5 \ + no-sse2 \ + shared + +make depend || exit 1 + +make $NUMJOBS || make || exit 1 + +make install INSTALL_PREFIX=$PKG1 || exit 1 + +# Use proper libdir: +( cd $PKG1/usr; mv lib lib${LIBDIRSUFFIX} ) + +# Make the .so.? library symlinks: +( cd $PKG1/usr/lib${LIBDIRSUFFIX} ; ldconfig -l lib*.so.* ) + +# Move libraries, as they might be needed by programs that bring a network +# mounted /usr online: + +mkdir $PKG1/lib${LIBDIRSUFFIX} +( cd $PKG1/usr/lib${LIBDIRSUFFIX} + for file in lib*.so.?.* ; do + mv $file ../../lib${LIBDIRSUFFIX} + ln -sf ../../lib${LIBDIRSUFFIX}/$file . + done + cp -a lib*.so.? ../../lib${LIBDIRSUFFIX} +) + +# Add a cron script to warn root if a certificate is going to expire soon: +mkdir -p $PKG1/etc/cron.daily +zcat $CWD/certwatch.gz > $PKG1/etc/cron.daily/certwatch.new +chmod 755 $PKG1/etc/cron.daily/certwatch.new + +mv $PKG1/etc/ssl/openssl.cnf $PKG1/etc/ssl/openssl.cnf.new + +( cd $PKG1 + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +mv $PKG1/etc/ssl/man $PKG1/usr +( cd $PKG1/usr/man/man1 ; mv passwd.1 ssl_passwd.1 ) +( cd $PKG1/usr/man/man3 ; mv rand.3 ssl_rand.3 ) +( cd $PKG1/usr/man/man3 ; mv err.3 ssl_err.3 ) +# Compress and symlink the man pages: +if [ -d $PKG1/usr/man ]; then + ( cd $PKG1/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +cd $PKG1 +chmod 755 usr/lib${LIBDIRSUFFIX}/pkgconfig +sed -i -e "s#lib\$#lib${LIBDIRSUFFIX}#" usr/lib${LIBDIRSUFFIX}/pkgconfig/*.pc +mkdir -p install +zcat $CWD/doinst.sh-openssl.gz > install/doinst.sh +cat $CWD/slack-desc.openssl > install/slack-desc +/sbin/makepkg -l y -c n $TMP/${NAME1}.txz + +# Make runtime package: +mkdir -p $PKG2/lib${LIBDIRSUFFIX} +( cd lib${LIBDIRSUFFIX} ; cp -a lib*.so.* $PKG2/lib${LIBDIRSUFFIX} ) +( cd $PKG2/lib${LIBDIRSUFFIX} ; ldconfig -l * ) +mkdir -p $PKG2/etc +( cd $PKG2/etc ; cp -a $PKG1/etc/ssl . ) +mkdir -p $PKG2/usr/doc/openssl-$VERSION +( cd $TMP/openssl-$VERSION + cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \ + LICENSE NEWS README README.ENGINE $PKG2/usr/doc/openssl-$VERSION +) + +# If there's a CHANGES file, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG2/usr/doc/*-$VERSION) + cat CHANGES | head -n 2000 > $DOCSDIR/CHANGES + touch -r CHANGES $DOCSDIR/CHANGES +fi + +find $PKG2/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \; +find $PKG2/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \; +cd $PKG2 +mkdir -p install +zcat $CWD/doinst.sh-openssl-solibs.gz > install/doinst.sh +cat $CWD/slack-desc.openssl-solibs > install/slack-desc +/sbin/makepkg -l y -c n $TMP/${NAME2}.txz diff --git a/patches/source/openssl/openssl.no.weak.sslv2.ciphers.diff b/patches/source/openssl/openssl.no.weak.sslv2.ciphers.diff new file mode 100644 index 00000000..a7075ba4 --- /dev/null +++ b/patches/source/openssl/openssl.no.weak.sslv2.ciphers.diff @@ -0,0 +1,51 @@ +diff -u -r --new-file openssl-0.9.8zh.orig/ssl/s2_lib.c openssl-0.9.8zh/ssl/s2_lib.c +--- openssl-0.9.8zh.orig/ssl/s2_lib.c 2015-12-03 08:59:08.000000000 -0600 ++++ openssl-0.9.8zh/ssl/s2_lib.c 2016-03-01 18:29:20.998111828 -0600 +@@ -97,6 +97,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# if 0 + /* RC4_128_EXPORT40_WITH_MD5 */ + { + 1, +@@ -110,6 +111,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* RC2_128_CBC_WITH_MD5 */ + { + 1, +@@ -123,6 +125,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# if 0 + /* RC2_128_CBC_EXPORT40_WITH_MD5 */ + { + 1, +@@ -136,6 +139,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* IDEA_128_CBC_WITH_MD5 */ + # ifndef OPENSSL_NO_IDEA + { +@@ -151,6 +155,7 @@ + SSL_ALL_STRENGTHS, + }, + # endif ++# if 0 + /* DES_64_CBC_WITH_MD5 */ + { + 1, +@@ -164,6 +169,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* DES_192_EDE3_CBC_WITH_MD5 */ + { + 1, diff --git a/patches/source/openssl/openssl.no.weak.sslv3.ciphers.diff b/patches/source/openssl/openssl.no.weak.sslv3.ciphers.diff new file mode 100644 index 00000000..17326a56 --- /dev/null +++ b/patches/source/openssl/openssl.no.weak.sslv3.ciphers.diff @@ -0,0 +1,356 @@ +diff -u -r --new-file openssl-0.9.8zh.orig/ssl/s3_lib.c openssl-0.9.8zh/ssl/s3_lib.c +--- openssl-0.9.8zh.orig/ssl/s3_lib.c 2015-12-03 08:59:08.000000000 -0600 ++++ openssl-0.9.8zh/ssl/s3_lib.c 2016-03-01 18:42:26.295095103 -0600 +@@ -166,6 +166,7 @@ + SSL_ALL_STRENGTHS, + }, + /* Cipher 03 */ ++# if 0 + { + 1, + SSL3_TXT_RSA_RC4_40_MD5, +@@ -178,6 +179,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 04 */ + { + 1, +@@ -205,6 +207,7 @@ + SSL_ALL_STRENGTHS, + }, + /* Cipher 06 */ ++# if 0 + { + 1, + SSL3_TXT_RSA_RC2_40_MD5, +@@ -217,6 +220,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 07 */ + #ifndef OPENSSL_NO_IDEA + { +@@ -233,6 +237,7 @@ + }, + #endif + /* Cipher 08 */ ++# if 0 + { + 1, + SSL3_TXT_RSA_DES_40_CBC_SHA, +@@ -245,7 +250,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 09 */ ++# if 0 + { + 1, + SSL3_TXT_RSA_DES_64_CBC_SHA, +@@ -258,6 +265,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 0A */ + { + 1, +@@ -273,6 +281,7 @@ + }, + /* The DH ciphers */ + /* Cipher 0B */ ++# if 0 + { + 0, + SSL3_TXT_DH_DSS_DES_40_CBC_SHA, +@@ -285,7 +294,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 0C */ ++# if 0 + { + 0, + SSL3_TXT_DH_DSS_DES_64_CBC_SHA, +@@ -298,6 +309,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 0D */ + { + 0, +@@ -312,6 +324,7 @@ + SSL_ALL_STRENGTHS, + }, + /* Cipher 0E */ ++# if 0 + { + 0, + SSL3_TXT_DH_RSA_DES_40_CBC_SHA, +@@ -324,7 +337,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 0F */ ++# if 0 + { + 0, + SSL3_TXT_DH_RSA_DES_64_CBC_SHA, +@@ -337,6 +352,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 10 */ + { + 0, +@@ -353,6 +369,7 @@ + + /* The Ephemeral DH ciphers */ + /* Cipher 11 */ ++# if 0 + { + 1, + SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, +@@ -365,7 +382,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 12 */ ++# if 0 + { + 1, + SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, +@@ -378,6 +397,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 13 */ + { + 1, +@@ -392,6 +412,7 @@ + SSL_ALL_STRENGTHS, + }, + /* Cipher 14 */ ++# if 0 + { + 1, + SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, +@@ -404,7 +425,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 15 */ ++# if 0 + { + 1, + SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, +@@ -417,6 +440,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 16 */ + { + 1, +@@ -431,6 +455,7 @@ + SSL_ALL_STRENGTHS, + }, + /* Cipher 17 */ ++# if 0 + { + 1, + SSL3_TXT_ADH_RC4_40_MD5, +@@ -443,6 +468,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 18 */ + { + 1, +@@ -457,6 +483,7 @@ + SSL_ALL_STRENGTHS, + }, + /* Cipher 19 */ ++# if 0 + { + 1, + SSL3_TXT_ADH_DES_40_CBC_SHA, +@@ -469,7 +496,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 1A */ ++# if 0 + { + 1, + SSL3_TXT_ADH_DES_64_CBC_SHA, +@@ -482,6 +511,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 1B */ + { + 1, +@@ -543,6 +573,7 @@ + + #ifndef OPENSSL_NO_KRB5 + /* The Kerberos ciphers */ ++# if 0 + /* Cipher 1E */ + { + 1, +@@ -556,6 +587,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 1F */ + { +@@ -600,6 +632,7 @@ + }, + + /* Cipher 22 */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_DES_64_CBC_MD5, +@@ -612,6 +645,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 23 */ + { +@@ -656,6 +690,7 @@ + }, + + /* Cipher 26 */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_DES_40_CBC_SHA, +@@ -668,8 +703,10 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 27 */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_RC2_40_CBC_SHA, +@@ -682,8 +719,10 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 28 */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_RC4_40_SHA, +@@ -696,8 +735,10 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 29 */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_DES_40_CBC_MD5, +@@ -710,8 +751,10 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 2A */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_RC2_40_CBC_MD5, +@@ -724,8 +767,10 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 2B */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_RC4_40_MD5, +@@ -738,6 +783,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + #endif /* OPENSSL_NO_KRB5 */ + + /* New AES ciphersuites */ +@@ -1007,6 +1053,7 @@ + }, + # endif + /* Cipher 62 */ ++# if 0 + { + 1, + TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA, +@@ -1019,7 +1066,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 63 */ ++# if 0 + { + 1, + TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, +@@ -1032,7 +1081,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 64 */ ++# if 0 + { + 1, + TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA, +@@ -1045,7 +1096,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 65 */ ++# if 0 + { + 1, + TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, +@@ -1058,6 +1111,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 66 */ + { + 1, diff --git a/patches/source/openssl/openssl.optsx86.diff b/patches/source/openssl/openssl.optsx86.diff new file mode 100644 index 00000000..a1a289a2 --- /dev/null +++ b/patches/source/openssl/openssl.optsx86.diff @@ -0,0 +1,11 @@ +--- ./Configure.orig 2005-08-02 03:59:42.000000000 -0700 ++++ ./Configure 2005-10-12 20:04:43.000000000 -0700 +@@ -317,7 +317,7 @@ + "linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc32.o::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + #### IA-32 targets... + "linux-ia32-icc", "icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +-"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -mtune=i686 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", + #### + "linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", diff --git a/patches/source/openssl/openssl.soname.diff b/patches/source/openssl/openssl.soname.diff new file mode 100644 index 00000000..f660e93b --- /dev/null +++ b/patches/source/openssl/openssl.soname.diff @@ -0,0 +1,11 @@ +--- ./Makefile.shared.orig 2005-06-23 13:47:54.000000000 -0700 ++++ ./Makefile.shared 2005-10-12 20:02:28.000000000 -0700 +@@ -151,7 +151,7 @@ + SHLIB_SUFFIX=; \ + ALLSYMSFLAGS='-Wl,--whole-archive'; \ + NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ +- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" ++ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB.0" + + DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)" + diff --git a/patches/source/openssl/slack-desc.openssl b/patches/source/openssl/slack-desc.openssl new file mode 100644 index 00000000..57227c04 --- /dev/null +++ b/patches/source/openssl/slack-desc.openssl @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +openssl: openssl (Secure Sockets Layer toolkit) +openssl: +openssl: The OpenSSL certificate management tool and the shared libraries that +openssl: provide various encryption and decryption algorithms and protocols. +openssl: +openssl: This product includes software developed by the OpenSSL Project for +openssl: use in the OpenSSL Toolkit (http://www.openssl.org). This product +openssl: includes cryptographic software written by Eric Young +openssl: (eay@cryptsoft.com). This product includes software written by Tim +openssl: Hudson (tjh@cryptsoft.com). +openssl: diff --git a/patches/source/openssl/slack-desc.openssl-solibs b/patches/source/openssl/slack-desc.openssl-solibs new file mode 100644 index 00000000..f65bf12c --- /dev/null +++ b/patches/source/openssl/slack-desc.openssl-solibs @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +openssl-solibs: openssl-solibs (OpenSSL shared libraries) +openssl-solibs: +openssl-solibs: These shared libraries provide encryption routines required by +openssl-solibs: programs such as openssh. They are also used by KDE's Konqueror web +openssl-solibs: browser to provide secure web connections. +openssl-solibs: +openssl-solibs: This product includes software developed by the OpenSSL Project for +openssl-solibs: use in the OpenSSL Toolkit (http://www.openssl.org). This product +openssl-solibs: includes cryptographic software written by Eric Young +openssl-solibs: (eay@cryptsoft.com). This product includes software written by Tim +openssl-solibs: Hudson (tjh@cryptsoft.com). diff --git a/patches/source/openvpn/README b/patches/source/openvpn/README new file mode 100644 index 00000000..cf2c6602 --- /dev/null +++ b/patches/source/openvpn/README @@ -0,0 +1,26 @@ +OpenVPN is a full-featured SSL VPN which can accomodate a wide +range of configurations, including remote access, site-to-site VPNs, +WiFi security, and enterprise-scale remote access with load +balancing, failover, and fine-grained access-controls. + +OpenVPN implements OSI layer 2 or 3 secure network extension using the +industry standard SSL/TLS protocol, supports flexible client +authentication methods based on certificates, smart cards, and/or +2-factor authentication, and allows user or group-specific access +control policies using firewall rules applied to the VPN virtual +interface. + +This build of OpenVPN depends upon having openssl (not just +openssl-solibs) and lzo installed on your computer. + +Please note that there is no default config file for OpenVPN. This is +by design. OpenVPN can technically use any config file in any location. +However, this script does create an /etc/openvpn/ directory with certs/ +and keys/ subdirectories. Feel free to place config files, keys, and +certificates in these directories. certs/ and keys/ are owned by user +root and group nobody and are not world readable nor writable. +Additionally, they are not writable by group nobody. It is recommended +that you run openvpn nobody:nobody, but you may use another +non-privilaged user and group at your option. Just change the +permissions on these permissions to reflect that if you do. + diff --git a/patches/source/openvpn/doinst.sh b/patches/source/openvpn/doinst.sh new file mode 100644 index 00000000..4b9b133a --- /dev/null +++ b/patches/source/openvpn/doinst.sh @@ -0,0 +1,25 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +preserve_perms() { + NEW="$1" + OLD="$(dirname ${NEW})/$(basename ${NEW} .new)" + if [ -e ${OLD} ]; then + cp -a ${OLD} ${NEW}.incoming + cat ${NEW} > ${NEW}.incoming + mv ${NEW}.incoming ${NEW} + fi + config ${NEW} +} + +preserve_perms etc/rc.d/rc.openvpn.new + diff --git a/patches/source/openvpn/openvpn.SlackBuild b/patches/source/openvpn/openvpn.SlackBuild new file mode 100755 index 00000000..477ac99a --- /dev/null +++ b/patches/source/openvpn/openvpn.SlackBuild @@ -0,0 +1,169 @@ +#!/bin/bash + +# Copyright 2006, Alan Hicks, Lizella, GA +# Copyright 2008, 2009, 2010, 2011, 2013, 2016, 2018 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +cd $(dirname $0) ; CWD=$(pwd) + +PKGNAM=openvpn +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" + exit 0 +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 + +# Fix ownership and permissions inside the source tarball. +# It's appalling how many projects have 777 permissions or +# even suid, sgid, and sticky bits set on things. +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc/openvpn \ + --localstatedir=/var \ + --mandir=/usr/man \ + --docdir=/usr/doc/openvpn-${VERSION} \ + --enable-lzo \ + --enable-iproute2 \ + --disable-plugin-auth-pam \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install-strip DESTDIR=$PKG || exit 1 + +# Create a decent config directory. openvpn doesn't have one by +# default, nor does it have a single config file. +mkdir -p $PKG/etc/openvpn/{certs,keys} +chown root:nobody $PKG/etc/openvpn/{certs,keys} +chmod 750 $PKG/etc/openvpn/{certs,keys} + +# Install a startup script: +mkdir -p $PKG/etc/rc.d +cp -a $CWD/rc.openvpn $PKG/etc/rc.d/rc.openvpn.new +chmod 644 $PKG/etc/rc.d/rc.openvpn.new +chown root:root $PKG/etc/rc.d/rc.openvpn.new + +# Let folks know about the other configs, if they haven't found them. +# They might even find the documentation there useful. ;-) +cat << EOF > $PKG/etc/openvpn/README.TXT +One or more OpenVPN config files should be installed in this directory +as files ending in ".conf" (i.e. client.conf, server.conf, etc.). + +Have a look in sample-config-files for some more examples of how to +configure OpenVPN. + +To start OpenVPN, use this command as root: +sh /etc/rc.d/rc.openvpn start + +To make OpenVPN start automatically at boot, change the script permissions: +chmod 755 /etc/rc.d/rc.openvpn + +See "man openvpn" and the other docs for more information. +EOF + +# Add a link, too: +( cd $PKG/etc/openvpn + ln -sf /usr/doc/$PKGNAM-$VERSION/sample-config-files . +) + +if [ -d $PKG/usr/man ]; then +( cd $PKG/usr/man + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +) +fi + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a AUTHORS COPYING* COPYRIGHT* INSTALL* \ + NEWS PORTS README* sample/sample-config-files sample/sample-keys sample/sample-scripts \ + $PKG/usr/doc/$PKGNAM-$VERSION + +# Install a reasonably generic sample config file: +# (put this in with the other samples) +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files +cp -a $CWD/slackware.conf $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files +chown root:root $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files/slackware.conf +chmod 644 $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files/slackware.conf + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/openvpn/openvpn.url b/patches/source/openvpn/openvpn.url new file mode 100644 index 00000000..4c476d87 --- /dev/null +++ b/patches/source/openvpn/openvpn.url @@ -0,0 +1,2 @@ +https://swupdate.openvpn.org/community/releases/openvpn-2.4.6.tar.xz +https://swupdate.openvpn.org/community/releases/openvpn-2.4.6.tar.xz.asc diff --git a/patches/source/openvpn/rc.openvpn b/patches/source/openvpn/rc.openvpn new file mode 100644 index 00000000..86f31922 --- /dev/null +++ b/patches/source/openvpn/rc.openvpn @@ -0,0 +1,111 @@ +#!/bin/sh +# +# /etc/rc.d/rc.openvpn +# +# Start/stop/restart the openvpn daemon. +# +# By default, this script will start/stop/restart a daemon for every *.conf +# file found in /etc/openvpn. +# +# To work with a single connection, add the name of the config file: +# /etc/rc.d/rc.openvpn start configfile.conf +# +# You may also use a config file not found in /etc/openvpn by providing a +# complete path: +# /etc/rc.d/rc.openvpn start /path/to/some/other/configfile.conf +# +# The name of a config file provided with a complete path should not match +# the name of any config file present in the /etc/openvpn directory. + +ovpn_start() { + if [ -x /usr/sbin/openvpn ]; then + if [ -z "$1" ]; then # start OpenVPN for all config files: + if /bin/ls /etc/openvpn/*.conf 1> /dev/null 2> /dev/null ; then + for config in /etc/openvpn/*.conf ; do + echo "Starting OpenVPN: /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $config).pid --user nobody --group nobody --config $config" + /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $config).pid --user nobody --group nobody --config $config + done + else + echo "Unable to start OpenVPN - no .conf files found in /etc/openvpn/." + fi + else # start OpenVPN for one config file: + if [ -r "$1" ]; then + echo "Starting OpenVPN: /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $1).pid --user nobody --group nobody --config $1" + /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $1).pid --user nobody --group nobody --config $1 + else # config file is missing: + echo "Error starting OpenVPN: config file $1 is missing." + fi + fi + fi +} + +ovpn_stop() { + # Note: OpenVPN has a bad habit of leaving stale pid files around when exiting. + # Maybe it would be better to just use killall unless called for one config? + if [ -z "$1" ]; then # stop OpenVPN for all pid files: + if /bin/ls /run/openvpn/*.pid 1> /dev/null 2> /dev/null ; then + for pid in /run/openvpn/*.pid ; do + echo "Stopping OpenVPN for pid file $pid..." + kill $(cat $pid) + rm -f $pid + done + else + echo "Warning: no pid files found in /run/openvpn/. Using killall to stop any OpenVPN processes." + killall openvpn + fi + else # stop OpenVPN for one config file: + if [ -r /run/openvpn/$(basename ${1}).pid ]; then + echo "Stopping OpenVPN for config file ${1}..." + kill $(cat /run/openvpn/$(basename ${1}).pid) + rm -f /run/openvpn/$(basename ${1}).pid + else + echo "Error stopping OpenVPN: no such pid file /run/openvpn/$(basename ${1}).pid" + fi + fi +} + +ovpn_restart() { + if [ ! -z "$1" ]; then # restart for all config files: + ovpn_stop + sleep 2 + ovpn_start + else # restart for one config file only: + ovpn_stop $1 + sleep 2 + ovpn_start $1 + fi +} + +ovpn_status() { + if /bin/ls /run/openvpn/*.pid 1> /dev/null 2> /dev/null ; then + echo "Currently running OpenVPN processes according to .pid files in /run/openvpn:" + for pid in /run/openvpn/*.pid ; do + echo " $(basename $pid) ($(cat $pid))" + done + else + echo "No .pid files found in /run/openvpn." + fi +} + +# Create PID directory if it doesn't exist: +if [ ! -d /run/openvpn ]; then + mkdir -p /run/openvpn +fi + +case "$1" in +'start') + ovpn_start $2 + ;; +'stop') + ovpn_stop $2 + ;; +'restart') + ovpn_restart $2 + ;; +'status') + ovpn_status + ;; +*) + echo "Usage: $0 {start|stop|restart}" +esac + diff --git a/patches/source/openvpn/slack-desc b/patches/source/openvpn/slack-desc new file mode 100644 index 00000000..7ffd6167 --- /dev/null +++ b/patches/source/openvpn/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +openvpn: openvpn (secure IP tunnel daemon) +openvpn: +openvpn: OpenVPN is a full-featured SSL VPN which can accommodate a wide range +openvpn: of configurations, including remote access, site-to-site VPNs, WiFi +openvpn: security, and enterprise-scale remote access with load balancing, +openvpn: failover, and fine-grained access-controls. +openvpn: +openvpn: OpenVPN's home on the net is: http://openvpn.net +openvpn: +openvpn: +openvpn: diff --git a/patches/source/openvpn/slackware.conf b/patches/source/openvpn/slackware.conf new file mode 100644 index 00000000..4314b544 --- /dev/null +++ b/patches/source/openvpn/slackware.conf @@ -0,0 +1,178 @@ +# openvpn.conf.sample +# +# This is a sample configuration file for OpenVPN. +# Not all options are listed here; you can find good documentation +# about all of the options in OpenVPN's manual page - openvpn(8). +# +# You can make a P-t-P connection by creating a shared key, +# copying this key to other hosts in your network, and changing +# the IP addresses in this file. +# +# Commented options are provided for some typical configurations + +# Change the "search" path to /etc/openvpn +# All files referenced in this configuration will be relative to +# whatever directory is specified here - we default to /etc/openvpn +cd /etc/openvpn + +# If running as a server, which local IP address should OpenVPN +# listen on? Specify this as either a hostname or IP address. If +# this is left blank, OpenVPN will default to listening on all +# interfaces. +#local a.b.c.d + +# This option defines the IP or DNS name of the other side of your VPN +# connection. This option is needed if you are making client or P-t-P +# connections. If you are the server, use "local" instead. This may +# be specified as a domain name or IP address. +#remote vpn.server.org + +# This option defins the protocol to use. Valid options are: +# udp, tcp-server, or tcp-client. Default is udp, and generally +# speaking, tcp is a bad idea. +proto udp + +# This option defines the port on which your server will be listening +# or trying to connect. The default is 1194 +port 1194 + +# This option defines whether to use LZO compression. +# If enabled, it must be enabled at both ends of the VPN connection. +#comp-lzo + +# Debug level (default 1) +#verb 3 + +# VPN logfile location +# If you don't specify a location here, logging will be done through +# syslogd and write to /var/log/messages +log-append /var/log/openvpn.log + +# If you want to use OpenVPN as a daemon, uncomment this line. +# Generally speaking, servers should run OpenVPN as a daemon +# and clients should not. +#daemon + +# Device type to use, you can choose between tun or tap. +# TUN is the most common option. If you have multiple connections, +# it is a good idea to bind each connection to a separate TUN/TAP +# interface using tunX/tapX, where X is the number of each interface. +dev tun + +# This option prevents OpenVPN from closing and re-opening the tun/tap +# device every time it receives a SIGUSR1 signal +#persist-tun + +# This is similar to the previous option, but it prevents OpenVPN from +# re-reading the key files every time +#persist-key + +# If you are using a client-server architecture, you need to specify the +# role of your computer in your VPN network. To use one of these options, +# you need to configure TLS options too. +# +# To use the "server" option, you must specify a network subnet such +# as 172.16.1.0 255.255.255.0. The first number is the network, the +# second is the netmask. OpenVPN will take the first available IP +# for itself (in our example, 172.16.1.1) and the rest will be +# given to connecting clients dynamically. +# +# Leave these commented out if you are using OpenVPN in bridging mode. +# +#server 10.1.2.0 255.255.255.0 +#client + +# This option defines a file with IP address to client mapping. +# This is useful in general, and necessary if clients use persist-tun. +#ifconfig-pool-persist ips.txt + +# Enable this option if you want clients connected to this VPN to be +# able to talk directly to each other +#client-to-client + +# This option defines the directory in which configuration files for clients +# will reside. With individual files you can make each client get different +# options using "push" parameters +#client-config-dir ccd + +# If you are using P-t-P, you need to specify the IP addresses at both ends +# of your VPN connection. The IP addresses are reversed at the other side. +# +# You can use this to specify client IP addresses in ccd files (on server) +# or directly in client configuration +#ifconfig 10.1.2.1 10.1.2.2 + +# You can set routes to specific networks. In the sample below, "vpn_gateway" +# is an internal OpenVPN alias to your VPN gateway - leave it as is. +# This will enable you to talk with the networks behind your VPN server. +# Multiple routes can be specified. +# +# +------------+ - - +------------+ +# | Network1 |---| VPN1 |--[10.1.2.0/24]--| VPN2 |---| Network2 | +# +------------+ +------+ +------+ +------------+ +# 192.168.0.0/24 192.168.2.0/24 +# +# The sample below shows how VPN1 server can reach Network2 +#route 192.168.2.0 255.255.255.0 vpn_gateway + +# You can send clients many network configuration options using the +# "push" directive and sending commands. +# Multiple "push" directives can be used. You should only put global +# "push" directives here. You can "push" different options to +# different clients in per-client configuration files. See +# "client-config-dir" above. +# +# Using the same network configuration that you see above, the route statment +# here allows VPN2 to reach Network1 +#push "route-delay 2 600" +#push "route 192.168.2.0 255.255.255.0 vpn_gateway" +#push "persist-key" + +# This option sets the encryption algorithm to use in the VPN connection. +# Available options are: +# DES-CBC, RC2-CBC, DES-EDE-CBC, DES-EDE3-CBC, +# DESX-CBC, BF-CBC, RC2-40-CBC, CAST5-CBC, +# RC2-64-CBC, AES-128-CBC, AES-192-CBC and AES-256-CBC +cipher BF-CBC + +# Shared Key Connection +# --------------------- +# Secret is one shared key between the hosts that want to connect through VPNs. +# Without secret or TLS options, your data will not be encrypted. +# +# To generate an encryption key do: +# openvpn --genkey --secret /etc/openvpn/keys/shared.key +# +# Do the above on one host and copy it to the others +secret keys/shared.key + +# TLS Connections +# --------------- +# TLS must be used if you use option "server" or "client" +# The basic idea there is: You have one Certificate Authority, and all +# machines in your VPN network need to have individual certificates and +# keys signed by Certificate Authority. This means each client can +# have its own key, making it easier to revoke a key without copying +# a shared secret key to every client. +# +# Inside the /usr/doc/openvpn-$VERSION documentation directory, you can +# find "easy-rsa" scripts to make certificate and key management easier. + +# Certificate Authority file +# This file must be identical on all hosts that connect to your VPN +#ca certs/ca.crt + +# If you are the server, you need to specify some Diffie Hellman parameters. +# OpenVPN provides some sample .pem files in documentation directory +#dh my-dh.pem + +# Certificate and Key signed by Certificate Authority +# Each machine needs to have their own unique certificate +#cert certs/machine.cert +#key keys/machine.key + +# To prevent some DoS attacks we can add another authentication layer in the +# TLS control channel. This needs to be enabled at both ends to work +# client uses the value 1; server uses the value 0 +#tls-auth keys/shared.key 0 + diff --git a/patches/source/patch/0001-Refuse-to-apply-ed-scripts-by-default.patch b/patches/source/patch/0001-Refuse-to-apply-ed-scripts-by-default.patch new file mode 100644 index 00000000..46d9fcf5 --- /dev/null +++ b/patches/source/patch/0001-Refuse-to-apply-ed-scripts-by-default.patch @@ -0,0 +1,79 @@ +From 5046e5605cf7420d9a11de49bd9fe4851a4ca1d2 Mon Sep 17 00:00:00 2001 +From: Saleem Rashid +Date: Thu, 5 Apr 2018 22:48:25 +0100 +Subject: [PATCH] Refuse to apply ed scripts by default + +* src/patch.c, src/pch.c: Warn that ed scripts are potentially +dangerous, unless patch is invoked with --force + +This fixes an issue where ed scripts could be included in a patch, executing +arbitrary shell commands without the user's knowledge. + +Original bug report: +https://savannah.gnu.org/bugs/index.php?53566 +--- + src/patch.c | 13 +++++++++++-- + src/pch.c | 11 +++++++++++ + 6 files changed, 62 insertions(+), 5 deletions(-) + +diff --git a/src/patch.c b/src/patch.c +index 0fe6d72..e14a9c4 100644 +--- a/src/patch.c ++++ b/src/patch.c +@@ -781,7 +781,7 @@ static char const *const option_help[] = + " -l --ignore-whitespace Ignore white space changes between patch and input.", + "", + " -c --context Interpret the patch as a context difference.", +-" -e --ed Interpret the patch as an ed script.", ++" -e --ed Interpret the patch as a potentially dangerous ed script. This could allow arbitrary command execution!", + " -n --normal Interpret the patch as a normal difference.", + " -u --unified Interpret the patch as a unified difference.", + "", +@@ -825,7 +825,7 @@ static char const *const option_help[] = + "Miscellaneous options:", + "", + " -t --batch Ask no questions; skip bad-Prereq patches; assume reversed.", +-" -f --force Like -t, but ignore bad-Prereq patches, and assume unreversed.", ++" -f --force Like -t, but ignore bad-Prereq patches, apply potentially dangerous ed scripts, and assume unreversed.", + " -s --quiet --silent Work silently unless an error occurs.", + " --verbose Output extra information about the work being done.", + " --dry-run Do not actually change any files; just print what would happen.", +@@ -1068,6 +1068,15 @@ get_some_switches (void) + } + } + ++ if (! force && diff_type == ED_DIFF) ++ { ++ ask ("Apply potentially dangerous ed script? This could allow arbitrary command execution! [n] "); ++ if (*buf != 'y') ++ { ++ fatal ("Refusing to apply potentially dangerous ed script."); ++ } ++ } ++ + /* Process any filename args. */ + if (optind < Argc) + { +diff --git a/src/pch.c b/src/pch.c +index bc6278c..ab34dd4 100644 +--- a/src/pch.c ++++ b/src/pch.c +@@ -1001,6 +1001,17 @@ intuit_diff_type (bool need_header, mode_t *p_file_type) + instat = st[i]; + } + ++ if (! force && retval == ED_DIFF) ++ { ++ ask ("Apply potentially dangerous ed script? This could allow arbitrary command execution! [n] "); ++ if (*buf != 'y') ++ { ++ if (verbosity != SILENT) ++ say ("Skipping potentially dangerous ed script.\n"); ++ skip_rest_of_patch = true; ++ } ++ } ++ + return retval; + } + + diff --git a/patches/source/patch/patch.SlackBuild b/patches/source/patch/patch.SlackBuild new file mode 100755 index 00000000..5d170d41 --- /dev/null +++ b/patches/source/patch/patch.SlackBuild @@ -0,0 +1,119 @@ +#!/bin/sh + +# Copyright 2005-2009, 2010, 2012, 2015 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=patch +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-patch + +rm -rf $PKG +mkdir -p $TMP $PKG + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +cd $TMP +rm -rf patch-${VERSION} +tar xvf $CWD/patch-${VERSION}.tar.xz || exit 1 +cd patch-${VERSION} || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Patch CVE-2018-1000156, arbitrary shell command execution by (obsolete) +# ed patch format: +zcat $CWD/0001-Refuse-to-apply-ed-scripts-by-default.patch.gz | patch -p1 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --mandir=/usr/man \ + --build=$ARCH-slackware-linux + +make -j4 || make || exit 1 +make install DESTDIR=$PKG + +# Strip everything for good measure: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/patch-${VERSION} +cp -a \ + AUTHORS COPYING* NEWS README* \ + $PKG/usr/doc/patch-${VERSION} + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +makepkg -l y -c n $TMP/patch-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/patch/slack-desc b/patches/source/patch/slack-desc new file mode 100644 index 00000000..5ddba89b --- /dev/null +++ b/patches/source/patch/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +patch: patch (apply a diff file to an original file or files) +patch: +patch: Patch is a utility used to apply diffs (or patches) to files, which +patch: are usually source code. +patch: +patch: Larry Wall wrote the original version of patch. Paul Eggert removed +patch: patch's arbitrary limits; added support for binary files, setting +patch: file times, and deleting files; and made it conform better to POSIX. +patch: Other contributors include Wayne Davison, who added unidiff support, +patch: and David MacKenzie, who added configuration and backup support. +patch: diff --git a/patches/source/perl/10_hash.t b/patches/source/perl/10_hash.t new file mode 100644 index 00000000..e051528b --- /dev/null +++ b/patches/source/perl/10_hash.t @@ -0,0 +1,38 @@ +X-Git-Url: http://perl5.git.perl.org/perl.git/blobdiff_plain/ca8de220718ba91d5a5fdd9779497cd5b0250258..f14269908e5f8b4cab4b55643d7dd9de577e7918:/ext/Hash-Util-FieldHash/t/10_hash.t + +diff --git a/ext/Hash-Util-FieldHash/t/10_hash.t b/ext/Hash-Util-FieldHash/t/10_hash.t +index 29c2f4d..c266b6a 100644 +--- a/ext/Hash-Util-FieldHash/t/10_hash.t ++++ b/ext/Hash-Util-FieldHash/t/10_hash.t +@@ -46,15 +46,29 @@ use constant START => "a"; + + # some initial hash data + fieldhash my %h2; +-%h2 = map {$_ => 1} 'a'..'cc'; ++my $counter= "a"; ++$h2{$counter++}++ while $counter ne 'cd'; + + ok (!Internals::HvREHASH(%h2), + "starting with pre-populated non-pathological hash (rehash flag if off)"); + + my @keys = get_keys(\%h2); ++my $buckets= buckets(\%h2); + $h2{$_}++ for @keys; ++$h2{$counter++}++ while buckets(\%h2) == $buckets; # force a split + ok (Internals::HvREHASH(%h2), +- scalar(@keys) . " colliding into the same bucket keys are triggering rehash"); ++ scalar(@keys) . " colliding into the same bucket keys are triggering rehash after split"); ++ ++# returns the number of buckets in a hash ++sub buckets { ++ my $hr = shift; ++ my $keys_buckets= scalar(%$hr); ++ if ($keys_buckets=~m!/([0-9]+)\z!) { ++ return 0+$1; ++ } else { ++ return 8; ++ } ++} + + sub get_keys { + my $hr = shift; diff --git a/patches/source/perl/hash.t b/patches/source/perl/hash.t new file mode 100644 index 00000000..6d6d61eb --- /dev/null +++ b/patches/source/perl/hash.t @@ -0,0 +1,46 @@ +X-Git-Url: http://perl5.git.perl.org/perl.git/blobdiff_plain/ca8de220718ba91d5a5fdd9779497cd5b0250258..f14269908e5f8b4cab4b55643d7dd9de577e7918:/t/op/hash.t + +diff --git a/t/op/hash.t b/t/op/hash.t +index 9bde518..45eb782 100644 +--- a/t/op/hash.t ++++ b/t/op/hash.t +@@ -39,22 +39,36 @@ use constant THRESHOLD => 14; + use constant START => "a"; + + # some initial hash data +-my %h2 = map {$_ => 1} 'a'..'cc'; ++my %h2; ++my $counter= "a"; ++$h2{$counter++}++ while $counter ne 'cd'; + + ok (!Internals::HvREHASH(%h2), + "starting with pre-populated non-pathological hash (rehash flag if off)"); + + my @keys = get_keys(\%h2); ++my $buckets= buckets(\%h2); + $h2{$_}++ for @keys; ++$h2{$counter++}++ while buckets(\%h2) == $buckets; # force a split + ok (Internals::HvREHASH(%h2), +- scalar(@keys) . " colliding into the same bucket keys are triggering rehash"); ++ scalar(@keys) . " colliding into the same bucket keys are triggering rehash after split"); ++ ++# returns the number of buckets in a hash ++sub buckets { ++ my $hr = shift; ++ my $keys_buckets= scalar(%$hr); ++ if ($keys_buckets=~m!/([0-9]+)\z!) { ++ return 0+$1; ++ } else { ++ return 8; ++ } ++} + + sub get_keys { + my $hr = shift; + + # the minimum of bits required to mount the attack on a hash + my $min_bits = log(THRESHOLD)/log(2); +- + # if the hash has already been populated with a significant amount + # of entries the number of mask bits can be higher + my $keys = scalar keys %$hr; diff --git a/patches/source/perl/hv.c b/patches/source/perl/hv.c new file mode 100644 index 00000000..71819e9b --- /dev/null +++ b/patches/source/perl/hv.c @@ -0,0 +1,61 @@ +X-Git-Url: http://perl5.git.perl.org/perl.git/blobdiff_plain/ca8de220718ba91d5a5fdd9779497cd5b0250258..f14269908e5f8b4cab4b55643d7dd9de577e7918:/hv.c + +diff --git a/hv.c b/hv.c +index 5d0f2f8..6bfedd5 100644 +--- a/hv.c ++++ b/hv.c +@@ -35,7 +35,8 @@ holds the key and hash value. + #define PERL_HASH_INTERNAL_ACCESS + #include "perl.h" + +-#define HV_MAX_LENGTH_BEFORE_SPLIT 14 ++#define HV_MAX_LENGTH_BEFORE_REHASH 14 ++#define SHOULD_DO_HSPLIT(xhv) ((xhv)->xhv_keys > (xhv)->xhv_max) /* HvTOTALKEYS(hv) > HvMAX(hv) */ + + static const char S_strtab_error[] + = "Cannot modify shared string table in hv_%s"; +@@ -818,23 +819,8 @@ Perl_hv_common(pTHX_ HV *hv, SV *keysv, const char *key, STRLEN klen, + xhv->xhv_keys++; /* HvTOTALKEYS(hv)++ */ + if (!counter) { /* initial entry? */ + xhv->xhv_fill++; /* HvFILL(hv)++ */ +- } else if (xhv->xhv_keys > (IV)xhv->xhv_max) { ++ } else if ( SHOULD_DO_HSPLIT(xhv) ) { + hsplit(hv); +- } else if(!HvREHASH(hv)) { +- U32 n_links = 1; +- +- while ((counter = HeNEXT(counter))) +- n_links++; +- +- if (n_links > HV_MAX_LENGTH_BEFORE_SPLIT) { +- /* Use only the old HvKEYS(hv) > HvMAX(hv) condition to limit +- bucket splits on a rehashed hash, as we're not going to +- split it again, and if someone is lucky (evil) enough to +- get all the keys in one list they could exhaust our memory +- as we repeatedly double the number of buckets on every +- entry. Linear search feels a less worse thing to do. */ +- hsplit(hv); +- } + } + } + +@@ -1180,7 +1166,7 @@ S_hsplit(pTHX_ HV *hv) + + + /* Pick your policy for "hashing isn't working" here: */ +- if (longest_chain <= HV_MAX_LENGTH_BEFORE_SPLIT /* split worked? */ ++ if (longest_chain <= HV_MAX_LENGTH_BEFORE_REHASH /* split worked? */ + || HvREHASH(hv)) { + return; + } +@@ -2506,8 +2492,8 @@ S_share_hek_flags(pTHX_ const char *str, I32 len, register U32 hash, int flags) + xhv->xhv_keys++; /* HvTOTALKEYS(hv)++ */ + if (!next) { /* initial entry? */ + xhv->xhv_fill++; /* HvFILL(hv)++ */ +- } else if (xhv->xhv_keys > (IV)xhv->xhv_max /* HvKEYS(hv) > HvMAX(hv) */) { +- hsplit(PL_strtab); ++ } else if ( SHOULD_DO_HSPLIT(xhv) ) { ++ hsplit(PL_strtab); + } + } + diff --git a/patches/source/perl/perl.SlackBuild b/patches/source/perl/perl.SlackBuild new file mode 100755 index 00000000..15fe8a20 --- /dev/null +++ b/patches/source/perl/perl.SlackBuild @@ -0,0 +1,296 @@ +#!/bin/sh + +# Copyright 2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +# originally by: David Cantrell +# maintained by: + +VERSION=5.10.1 +# IMPORTANT: also update -Dinc_version_list in ./configure below! + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi +BUILD=${BUILD:-2_slack13.1} + +NUMJOBS=${NUMJOBS:--j6} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-perl + +# Additional required modules: +DBDMYSQL=4.013 +DBI=1.609 +URI=1.40 +XMLPARSER=2.36 +XMLSIMPLE=2.18 + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +if [ -x /usr/bin/perl ]; then + echo "Perl detected." + echo + echo "It's a good idea to remove your existing perl first." + echo + sleep 15 +fi + +# Clear build location: +rm -rf $PKG +mkdir -p $PKG + +# Extract the source code: +cd $TMP +rm -rf perl-$VERSION +tar xvf $CWD/perl-$VERSION.tar.?z* || exit 1 + +# Change into the source directory: +cd perl-$VERSION + +zcat $CWD/10_hash.t.gz | patch -p1 --verbose || exit 1 +zcat $CWD/hash.t.gz | patch -p1 --verbose || exit 1 +zcat $CWD/hv.c.gz | patch -p1 --verbose || exit 1 + +# Adjust owner/perms to standard values: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# If after all this time you still don't trust threads, comment +# out the variable below: +# +USE_THREADS="-Dusethreads -Duseithreads" + +if [ "$ARCH" = "x86_64" ]; then # adopted from "Cross Linux From Scratch" + # Configure must be told to also use lib64: + zcat $CWD/perl.configure.multilib.patch.gz | patch -p1 --verbose || exit 1 + # "perl -V" should report that libc is in /lib64 + sed -i -e '/libc/s#/lib/#/lib64/#' hints/linux.sh + # make perl use lib64: + echo 'installstyle="lib64/perl5"' >>hints/linux.sh +fi + +# We no longer include suidperl. To quote the INSTALL file: +# +# Because of the buggy history of suidperl, and the difficulty +# of properly security auditing as large and complex piece of +# software as Perl, we cannot recommend using suidperl and the feature +# should be considered deprecated. +# Instead use for example 'sudo': http://www.courtesan.com/sudo/ + +# Configure perl: +./Configure -de \ + -Dprefix=/usr \ + -Dvendorprefix=/usr \ + -Dcccdlflags='-fPIC' \ + -Dinstallprefix=/usr \ + -Dlibpth="/usr/local/lib${LIBDIRSUFFIX} /usr/lib${LIBDIRSUFFIX} /lib${LIBDIRSUFFIX}" \ + -Doptimize="$SLKCFLAGS" \ + $USE_THREADS \ + -Dpager='/usr/bin/less -isr' \ + -Dinc_version_list='5.10.0 5.8.8 5.8.7 5.8.6 5.8.5 5.8.4 5.8.3 5.8.2 5.8.1 5.8.0' \ + -Darchname=$ARCH-linux + +# Kludge for gcc-4.2.4's needlessly changed output: +cat makefile | grep -v '\' > foo +mv foo makefile +cat x2p/makefile | grep -v '\' > foo +mv foo x2p/makefile + +# Build perl +make $NUMJOBS || exit 1 +make test + +# Install perl (needed to build modules): +make install +( cd /usr/bin + ln -sf perl$VERSION perl + ln -sf c2ph pstruct + ln -sf s2p psed +) +mkdir -p /usr/lib${LIBDIRSUFFIX}/perl5/vendor_perl/${VERSION}/${ARCH}-linux-thread-multi + +# Install perl package: +make install DESTDIR=$PKG +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/perl5/vendor_perl/${VERSION}/${ARCH}-linux-thread-multi + +# Add additional modules: +( cd ext + ( tar xzvf $CWD/DBI-${DBI}.tar.gz + cd DBI-${DBI} + chown -R root:root . + perl Makefile.PL INSTALLDIRS=vendor + make + make test + make install + make install DESTDIR=$PKG + mkdir -p $PKG/usr/doc/perl-$VERSION/DBI-${DBI} + cp -a README $PKG/usr/doc/perl-$VERSION/DBI-${DBI} + chmod 644 $PKG/usr/doc/perl-$VERSION/DBI-${DBI}/README + ) + ( tar xzvf $CWD/DBD-mysql-${DBDMYSQL}.tar.gz + cd DBD-mysql-${DBDMYSQL} + chown -R root:root . + perl Makefile.PL INSTALLDIRS=vendor + make + make test + make install + make install DESTDIR=$PKG + mkdir -p $PKG/usr/doc/perl-$VERSION/DBD-mysql-${DBDMYSQL} + cp -a INSTALL.html README TODO $PKG/usr/doc/perl-$VERSION/DBD-mysql-${DBDMYSQL} + chmod 644 $PKG/usr/doc/perl-$VERSION/DBD-mysql-${DBDMYSQL}/* + ) + ( tar xzvf $CWD/XML-Parser-${XMLPARSER}.tar.gz + cd XML-Parser-${XMLPARSER} + chown -R root:root . + perl Makefile.PL INSTALLDIRS=vendor + make + make test + make install + make install DESTDIR=$PKG + mkdir -p $PKG/usr/doc/perl-$VERSION/XML-Parser-${XMLPARSER} + cp -a README $PKG/usr/doc/perl-$VERSION/XML-Parser-${XMLPARSER} + chmod 644 $PKG/usr/doc/perl-$VERSION/XML-Parser-${XMLPARSER}/* + ) + ( tar xzvf $CWD/XML-Simple-${XMLSIMPLE}.tar.gz + cd XML-Simple-${XMLSIMPLE} + chown -R root:root . + perl Makefile.PL INSTALLDIRS=vendor + make + make test + make install + make install DESTDIR=$PKG + mkdir -p $PKG/usr/doc/perl-$VERSION/XML-Simple${XMLSIMPLE} + cp -a README $PKG/usr/doc/perl-$VERSION/XML-Simple${XMLSIMPLE} + chmod 644 $PKG/usr/doc/perl-$VERSION/XML-Simple${XMLSIMPLE}/* + ) + ( tar xzvf $CWD/URI-${URI}.tar.gz + cd URI-${URI} + chown -R root:root . + perl Makefile.PL INSTALLDIRS=vendor + make + make test + make install + make install DESTDIR=$PKG + mkdir -p $PKG/usr/doc/perl-$VERSION/URI-${URI} + cp -a README $PKG/usr/doc/perl-$VERSION/URI-${URI} + chmod 644 $PKG/usr/doc/perl-$VERSION/URI-${URI}/* + ) +) + +# Strip everything: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +# There are also miniperl and microperl. +# I haven't had any requests for them, but would be willing +# to consider adding one or both to the package if anyone +# actually needs them for some reason. +#make microperl + +# Symlinks that replace hard links +( cd $PKG/usr/bin + ln -sf perl$VERSION perl + ln -sf c2ph pstruct + ln -sf s2p psed ) + +# Install documentation +mkdir -p $PKG/usr/doc/perl-$VERSION +cp -a \ + AUTHORS Artistic Copying INSTALL MANIFEST README README.Y2K README.cn \ + README.jp README.ko README.micro README.tw Todo.micro \ + $PKG/usr/doc/perl-$VERSION + +# We follow LSB with symlinks in /usr/share: +( cd $PKG/usr/share + mv man .. ) +( cd $PKG/usr/man/man1 + mkdir foo + cp *.1 foo + rm *.1 + mv foo/* . + rmdir foo + gzip -9 * + ln -sf c2ph.1.gz pstruct.1.gz + ln -sf s2p.1.gz psed.1.gz ) +( cd $PKG/usr/man/man3 + gzip -9 * ) + +chmod 755 $PKG/usr/bin/* +chmod 644 $PKG/usr/man/man?/* +rmdir $PKG/usr/share + +# This file shouldn't get clobbered: +if [ -r $PKG/usr/lib${LIBDIRSUFFIX}/perl5/${VERSION}/${ARCH}-linux-thread-multi/perllocal.pod ]; then + mv $PKG/usr/lib${LIBDIRSUFFIX}/perl5/${VERSION}/${ARCH}-linux-thread-multi/perllocal.pod $PKG/usr/lib${LIBDIRSUFFIX}/perl5/${VERSION}/${ARCH}-linux-thread-multi/perllocal.pod.new +fi + +# Insert the slack-desc: +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + + +cat << EOF | sed -e "s#/lib/#/lib${LIBDIRSUFFIX}/#" | sed -e "s#i486#$ARCH#" \ + > $PKG/install/doinst.sh +#!/bin/sh +config() { + NEW="\$1" + OLD="\$(dirname \$NEW)/\$(basename \$NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r \$OLD ]; then + mv \$NEW \$OLD + elif [ "\$(cat \$OLD | md5sum)" = "\$(cat \$NEW | md5sum)" ]; then # toss the redundant copy + rm \$NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config usr/lib/perl5/${VERSION}/i486-linux-thread-multi/perllocal.pod.new +EOF + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/perl-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/perl/perl.configure.multilib.patch b/patches/source/perl/perl.configure.multilib.patch new file mode 100644 index 00000000..c86ce65f --- /dev/null +++ b/patches/source/perl/perl.configure.multilib.patch @@ -0,0 +1,35 @@ +Submitted By: Ryan Oliver +Date: 2005-10-20 +Initial Package Version: 5.8.7 +Origin: Ryan Oliver +Description: this patch allows perl to be installed in /usr/lib32 or /usr/lib64 instead of /usr/lib. + +--- perl-5.8.7/Configure-ORIG 2005-10-20 11:49:47.571389008 +1000 ++++ perl-5.8.7/Configure 2005-10-20 12:30:35.571236464 +1000 +@@ -5930,6 +5930,8 @@ + : The default "style" setting is made in installstyle.U + case "$installstyle" in + *lib/perl5*) set dflt privlib lib/$package/$version ;; ++*lib32/perl5*) set dflt privlib lib32/$package/$version ;; ++*lib64/perl5*) set dflt privlib lib64/$package/$version ;; + *) set dflt privlib lib/$version ;; + esac + eval $prefixit +@@ -6433,6 +6435,8 @@ + case "$sitelib" in + '') case "$installstyle" in + *lib/perl5*) dflt=$siteprefix/lib/$package/site_$prog/$version ;; ++ *lib32/perl5*) dflt=$siteprefix/lib32/$package/site_$prog/$version ;; ++ *lib64/perl5*) dflt=$siteprefix/lib64/$package/site_$prog/$version ;; + *) dflt=$siteprefix/lib/site_$prog/$version ;; + esac + ;; +@@ -6560,6 +6564,8 @@ + prog=`echo $package | $sed 's/-*[0-9.]*$//'` + case "$installstyle" in + *lib/perl5*) dflt=$vendorprefix/lib/$package/vendor_$prog/$version ;; ++ *lib32/perl5*) dflt=$vendorprefix/lib32/$package/vendor_$prog/$version ;; ++ *lib64/perl5*) dflt=$vendorprefix/lib64/$package/vendor_$prog/$version ;; + *) dflt=$vendorprefix/lib/vendor_$prog/$version ;; + esac + ;; diff --git a/patches/source/perl/slack-desc b/patches/source/perl/slack-desc new file mode 100644 index 00000000..e28cf941 --- /dev/null +++ b/patches/source/perl/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +perl: perl (Practical Extraction and Report Language) +perl: +perl: Larry Wall's "Practical Extraction and Report Language". Perl is a +perl: language optimized for scanning arbitrary text files, extracting +perl: information from those text files, and printing reports based on that +perl: information. It's also a good language for many system management +perl: tasks. The language is intended to be practical (easy to use, +perl: efficient, complete) rather than beautiful (tiny, elegant, minimal). +perl: +perl: +perl: diff --git a/patches/source/php/doinst.sh b/patches/source/php/doinst.sh new file mode 100644 index 00000000..eda8b0de --- /dev/null +++ b/patches/source/php/doinst.sh @@ -0,0 +1,8 @@ +if [ ! -r etc/httpd/mod_php.conf ]; then + cp -a etc/httpd/mod_php.conf.example etc/httpd/mod_php.conf +elif [ "`cat etc/httpd/mod_php.conf 2> /dev/null`" = "" ]; then + cp -a etc/httpd/mod_php.conf.example etc/httpd/mod_php.conf +fi +if [ ! -r etc/httpd/php.ini ]; then + cp -a etc/httpd/php.ini-production etc/httpd/php.ini +fi diff --git a/patches/source/php/fetch-php.sh b/patches/source/php/fetch-php.sh new file mode 100755 index 00000000..8786664d --- /dev/null +++ b/patches/source/php/fetch-php.sh @@ -0,0 +1 @@ +lftpget http://us.php.net/distributions/php-5.3.29.tar.bz2 diff --git a/patches/source/php/mod_php.conf.example b/patches/source/php/mod_php.conf.example new file mode 100644 index 00000000..670eb713 --- /dev/null +++ b/patches/source/php/mod_php.conf.example @@ -0,0 +1,29 @@ +# +# mod_php - PHP Hypertext Preprocessor module +# + +# Load the PHP module: +LoadModule php5_module lib/httpd/modules/libphp5.so + +# Tell Apache to feed all *.php files through PHP. If you'd like to +# parse PHP embedded in files with different extensions, comment out +# these lines and see the example below. + + SetHandler application/x-httpd-php + + +# Tell Apache to feed all *.php, *.html, and *.htm files through +# the PHP module. Add or subtract extensions here as desired. Please +# note that running pages through PHP for no reason can be both slow +# and insecure, so be sure to know what you're doing. It's a convenient +# shortcut, but probably isn't suitible for high-traffic sites if you +# write any of your pages in straight HTML. +# +# SetHandler application/x-httpd-php +# + +# This will display PHP files in colored syntax form. Use with caution. +# +# SetHandler application/x-httpd-php-source +# + diff --git a/patches/source/php/php.SlackBuild b/patches/source/php/php.SlackBuild new file mode 100755 index 00000000..a55d76b7 --- /dev/null +++ b/patches/source/php/php.SlackBuild @@ -0,0 +1,301 @@ +#!/bin/sh + +# Build and package mod_php on Slackware. +# by: David Cantrell +# Modified for PHP 4-5 by volkerdi@slackware.com +# Copyright 2007, 2008, 2009, 2010, 2011, 2012 Patrick Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo php-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +ALPINE=2.00 +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-php/ +rm -rf $PKG +mkdir -p $TMP $PKG + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +# we need to compile alpine to get c-client.a for IMAP support: +IMAPLIBDIR=/usr/local/lib${LIBDIRSUFFIX}/c-client +if [ -r $IMAPLIBDIR/lib${LIBDIRSUFFIX}/c-client.a ]; then + echo "Using IMAP library:" + ls -l $IMAPLIBDIR/lib${LIBDIRSUFFIX}/c-client.a + sleep 5 +else + ( cd $CWD/../alpine ; ./alpine.SlackBuild || exit 1 ) || exit 1 + ( cd $TMP/alpine-${ALPINE}/imap/c-client + strip -g c-client.a + mkdir -p $IMAPLIBDIR/lib${LIBDIRSUFFIX} + cp c-client.a $IMAPLIBDIR/lib${LIBDIRSUFFIX} + mkdir -p $IMAPLIBDIR/include + cp *.h $IMAPLIBDIR/include + ) +fi + +mkdir -p $PKG/etc/httpd +mkdir -p $PKG/etc/php +# A trick from DaMouse to enable building php into $PKG. +# We'll remove this later on. +cat /etc/httpd/original/httpd.conf > $PKG/etc/httpd/httpd.conf +if [ ! -e /etc/httpd/original/httpd.conf ]; then + echo "FATAL: no /etc/httpd/original/httpd.conf found." + exit 1 +fi + +cd $TMP +rm -rf php-$VERSION +tar xvf $CWD/php-$VERSION.tar.?z* || exit 1 +cd php-$VERSION + +# cleanup: +find . -name "*.orig" -delete + +# Add missing(?) PEAR modules back: +if [ -d php-$VERSION/pear/packages ]; then + ( cd php-$VERSION/pear/packages + cp -a $CWD/pear/*.bz2 . 2> /dev/null + bzip2 -d *.bz2 2> /dev/null + ) +fi + +if [ "$ARCH" = "s390" ]; then + zcat $CWD/php.configure.s390.diff.gz | patch -p1 || exit +fi + +# Fixup perms/owners: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +find . -name "*.h" -exec chmod 644 {} \; + +# Sometimes they ship a few of these: +find . -name "*.orig" -exec rm {} \; + +# Patch ini files: +zcat $CWD/php.ini-development.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/php.ini-development.diff.gz | patch -p1 --verbose php.ini-production || exit 1 +zcat $CWD/php.session.save_path.diff.gz | patch -p1 --verbose || exit 1 + +# Generic "kitchen sink" configure function, with as many things as possible (and +# maybe then some ;-) compiled as shared extensions: +php_configure() { +EXTENSION_DIR=/usr/lib${LIBDIRSUFFIX}/php/extensions \ +CFLAGS="$SLKCFLAGS" \ +./configure \ + $* \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-libdir=lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --disable-safe-mode \ + --disable-magic-quotes \ + --enable-zend-multibyte \ + --enable-mbregex \ + --enable-tokenizer=shared \ + --with-config-file-scan-dir=/etc/php \ + --with-config-file-path=/etc/httpd \ + --enable-mod_charset \ + --with-layout=PHP \ + --enable-sigchild \ + --enable-xml \ + --with-libxml-dir=/usr \ + --enable-simplexml \ + --enable-filter \ + --disable-debug \ + --with-openssl=shared \ + --with-pcre-regex=/usr \ + --with-zlib=shared,/usr \ + --enable-bcmath=shared \ + --with-bz2=shared,/usr \ + --enable-calendar=shared \ + --enable-ctype=shared \ + --with-curl=shared \ + --with-curlwrappers \ + --with-mcrypt=/usr \ + --enable-dba=shared \ + --with-gdbm=/usr \ + --with-db4=/usr \ + --enable-exif=shared \ + --enable-ftp=shared \ + --with-gd=shared \ + --with-jpeg-dir=/usr \ + --with-png-dir=/usr \ + --with-zlib-dir=/usr \ + --with-xpm-dir=/usr \ + --with-freetype-dir=/usr \ + --with-t1lib=/usr \ + --enable-gd-native-ttf \ + --enable-gd-jis-conv \ + --with-gettext=shared,/usr \ + --with-gmp=shared,/usr \ + --with-iconv=shared \ + --with-imap-ssl=/usr \ + --with-imap=$IMAPLIBDIR \ + --with-ldap=shared \ + --enable-mbstring=shared \ + --enable-hash \ + --with-mysql=shared,mysqlnd \ + --with-mysqli=shared,mysqlnd \ + --with-mysql-sock=/var/run/mysql/mysql.sock \ + --enable-pdo=shared \ + --with-pdo-mysql=shared,mysqlnd \ + --with-pdo-sqlite=shared,/usr \ + --with-pspell=shared,/usr \ + --with-enchant=shared,/usr \ + --with-mm=/usr \ + --enable-shmop=shared \ + --with-snmp=shared,/usr \ + --enable-soap=shared \ + --enable-sockets \ + --with-sqlite=shared \ + --with-sqlite3=shared \ + --enable-sqlite-utf8 \ + --with-regex=php \ + --enable-sysvmsg \ + --enable-sysvsem \ + --enable-sysvshm \ + --enable-wddx=shared \ + --with-xsl=shared,/usr \ + --enable-zip=shared \ + --with-tsrm-pthreads \ + --enable-shared=yes \ + --enable-static=no \ + --with-gnu-ld \ + --with-pic \ + --build=$ARCH-slackware-linux +} + +# I am told this option is worse than nothing. :-) +# --enable-safe-mode +# +# I would recommend *against* and will take no responbility for turning on +# "safe" mode. + +# Make the Apache2 module version of PHP: +php_configure \ + --with-apxs2=/usr/sbin/apxs +make $NUMJOBS || make || exit 1 +make install INSTALL_ROOT=$PKG || exit 1 + +# Make the CLI/CGI version of PHP: +make distclean +php_configure \ + --enable-pcntl \ + --enable-sigchild +make $NUMJOBS || make || exit 1 +mkdir -p $PKG/usr/bin +cat ./sapi/cli/php > $PKG/usr/bin/php +cat ./sapi/cgi/php-cgi > $PKG/usr/bin/php-cgi +chmod 755 $PKG/usr/bin/php +chmod 755 $PKG/usr/bin/php-cgi + +# PHP (used to) install Pear with some strange permissions. +chmod 755 $PKG/usr/bin/pear + +# PHP sometimes puts junk in the root directory: +( cd $PKG + rm -rf .channels .depdb .depdblock .filemap .lock .registry +) + +# Fix $PKG/usr/lib/php perms: +( cd $PKG/usr/lib${LIBDIRSUFFIX}/php + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +) + +mkdir -p $PKG/usr/doc/php-$VERSION +cp -a \ + CODING_STANDARDS CREDITS EXTENSIONS INSTALL LICENSE NEWS README* TODO* UPGRADING* \ + sapi/cgi/README.FastCGI \ + $PKG/usr/doc/php-$VERSION +chown -R root:root $PKG/usr/doc/php-$VERSION +chmod 644 $PKG/usr/doc/php-$VERSION/UPGRADING* + +mkdir -p $PKG/etc/httpd +cp -a php.ini-development php.ini-production $PKG/etc/httpd +cat $CWD/mod_php.conf.example | sed -e "s#lib/httpd#lib${LIBDIRSUFFIX}/httpd#" \ + > $PKG/etc/httpd/mod_php.conf.example +chmod 644 $PKG/etc/httpd/* +chown root:root $PKG/etc/httpd/* + +# This can go now. +rm -f $PKG/etc/httpd/httpd* + +# Session directory for PHP: +mkdir -p $PKG/var/lib/php +chmod 770 $PKG/var/lib/php +chown root:apache $PKG/var/lib/php + +# Strip ELF objects. +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +gzip -9 $PKG/usr/man/man?/*.? + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +#if [ -d "$IMAPLIBDIR" ]; then +# ( cd $IMAPLIBDIR && rm -rf * ) +# rmdir $IMAPLIBDIR +#fi + +cd $PKG +/sbin/makepkg -l y -c n $TMP/php-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/php/php.ini-development.diff b/patches/source/php/php.ini-development.diff new file mode 100644 index 00000000..49b441e6 --- /dev/null +++ b/patches/source/php/php.ini-development.diff @@ -0,0 +1,47 @@ +--- ./php.ini-development.orig 2011-02-08 18:25:44.000000000 -0600 ++++ ./php.ini-development 2011-04-01 22:42:50.000000000 -0500 +@@ -938,6 +938,44 @@ + ; If you only provide the name of the extension, PHP will look for it in its + ; default extension directory. + ; ++ ++; These are the extensions that are available for use on this PHP build. ++; If you do NOT need any of these extensions, you should comment them out. ++; That will probably increase both your security and performance. ++ ++extension=bcmath.so ++extension=bz2.so ++extension=calendar.so ++extension=ctype.so ++extension=curl.so ++extension=dba.so ++extension=enchant.so ++extension=exif.so ++extension=ftp.so ++extension=gd.so ++extension=gettext.so ++extension=gmp.so ++extension=iconv.so ++extension=ldap.so ++extension=mbstring.so ++extension=mysql.so ++extension=mysqli.so ++extension=openssl.so ++extension=pdo.so ++extension=pdo_mysql.so ++extension=pdo_sqlite.so ++extension=pspell.so ++extension=shmop.so ++extension=snmp.so ++extension=soap.so ++extension=sqlite.so ++extension=sqlite3.so ++extension=tokenizer.so ++extension=wddx.so ++extension=xsl.so ++extension=zip.so ++extension=zlib.so ++ + ; Windows Extensions + ; Note that ODBC support is built in, so no dll is needed for it. + ; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) diff --git a/patches/source/php/php.session.save_path.diff b/patches/source/php/php.session.save_path.diff new file mode 100644 index 00000000..60d6f072 --- /dev/null +++ b/patches/source/php/php.session.save_path.diff @@ -0,0 +1,22 @@ +--- ./php.ini-development.orig 2011-04-14 14:26:44.551000001 -0500 ++++ ./php.ini-development 2011-04-14 14:38:48.591000954 -0500 +@@ -1506,7 +1506,7 @@ + ; where MODE is the octal representation of the mode. Note that this + ; does not overwrite the process's umask. + ; http://php.net/session.save-path +-;session.save_path = "/tmp" ++session.save_path = "/var/lib/php" + + ; Whether to use cookies. + ; http://php.net/session.use-cookies +--- ./php.ini-production.orig 2011-04-14 14:26:44.558000001 -0500 ++++ ./php.ini-production 2011-04-14 14:39:09.598999155 -0500 +@@ -1513,7 +1513,7 @@ + ; where MODE is the octal representation of the mode. Note that this + ; does not overwrite the process's umask. + ; http://php.net/session.save-path +-;session.save_path = "/tmp" ++session.save_path = "/var/lib/php" + + ; Whether to use cookies. + ; http://php.net/session.use-cookies diff --git a/patches/source/php/slack-desc b/patches/source/php/slack-desc new file mode 100644 index 00000000..fe14da6d --- /dev/null +++ b/patches/source/php/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +php: php (HTML-embedded scripting language) +php: +php: PHP is an HTML-embedded scripting language. It shares syntax +php: characteristics with C, Java, and Perl. The primary objective behind +php: this language is to make a fast and easy-to-use scripting language +php: for dynamic web sites. +php: +php: More information can be found online at http://www.php.net/ +php: +php: +php: diff --git a/patches/source/pidgin/pidgin.SlackBuild b/patches/source/pidgin/pidgin.SlackBuild new file mode 100755 index 00000000..05ad8e3d --- /dev/null +++ b/patches/source/pidgin/pidgin.SlackBuild @@ -0,0 +1,224 @@ +#!/bin/sh + +# Copyright 2006, 2007, 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=pidgin +VERSION=${VERSION:-$(echo $PKGNAM-2.*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +PIDGINENC=${PIDGINENC:-3.1} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j6 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" + ARCHQUADLET="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" + ARCHQUADLET="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" + ARCHQUADLET="" +elif [ "$ARCH" = "arm" ]; then + SLKCFLAGS="-O2 -march=armv4t" + LIBDIRSUFFIX="" + ARCHQUADLET="-gnueabi" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" + ARCHQUADLET="" +fi + +cd $TMP +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.?z* || exit 1 +cd ${PKGNAM}-$VERSION || exit 1 + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Allow certificates signed with rsa-md5: +zcat $CWD/purple-allow-sign-rsa-md5.patch.gz | patch -p0 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --enable-dot=no \ + --disable-schemas-install \ + --enable-dbus \ + --enable-gnutls=yes \ + --enable-nss=no \ + --disable-vv \ + --enable-gtkspell \ + --enable-cyrus-sasl \ + --enable-perl \ + --disable-meanwhile \ + --disable-avahi \ + --disable-nm \ + --program-prefix= \ + --program-suffix= \ + --build=$ARCH-slackware-linux$ARCHQUADLET || exit 1 + +# Fix install location: +grep -lr -- "lib/perl" . | xargs sed -i 's?lib/perl?lib'"$LIBDIRSUFFIX"'/perl?g' + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Fix misplaced items: +eval $(perl '-V:archlib') +eval $(perl '-V:privlib') +VENDORPERL="$(echo $archlib | sed -e "s/perl5/perl5\/vendor_perl/")" + +mkdir -vpm755 $PKG/$VENDORPERL/ +find $PKG -type f -name perllocal.pod -exec mv -fv {} $PKG/$VENDORPERL/Pidgin.pod \; +# Fix install location for 64bit: +sed -i 's?/lib/perl?/lib'"$LIBDIRSUFFIX"'/perl?g' $PKG/$VENDORPERL/Pidgin.pod +mkdir -p $PKG/usr/man/man3 +find $PKG/usr/share/man -type f -name *.3 -exec mv -fv {} $PKG/usr/man/man3 \; +rm -rf $PKG/usr/share/man +rm -r $PKG$privlib +# This is empty: +rmdir $PKG/usr/lib$LIBDIRSUFFIX/perl[0-9]*/$ARCH-linux-thread-multi/ + +# In case of unwanted junk dirs on 64-bit... this may fail, but doesn't hurt: +rmdir $PKG/usr/lib/perl[0-9]*/$ARCH-linux-thread-multi/ +rmdir $PKG/usr/lib/perl[0-9]* +rmdir $PKG/usr/lib + +# This removes our DESTDIR from the packlist filenames, to keep perl's +# internal inventories consistent and correct. +find $PKG -name .packlist | while read plist ; do + sed -e "s%/share/man%/man%g" \ + -e "s%$PKG%%g" \ + -e "s%\.1$%\.1\.gz%g" \ + -e "s%\.2$%\.2\.gz%g" \ + -e "s%\.3$%\.3\.gz%g" \ + -e "s%\.3pm$%\.3pm\.gz%g" \ + -e "s%\.4$%\.4\.gz%g" \ + -e "s%\.5$%\.5\.gz%g" \ + -e "s%\.6$%\.6\.gz%g" \ + -e "s%\.7$%\.7\.gz%g" \ + -e "s%\.8$%\.8\.gz%g" \ + ${plist} > ${plist}.new + mv -f ${plist}.new ${plist} +done + +### add gaim-encryption +( cd $TMP + rm -rf pidgin-encryption-$PIDGINENC + tar xvf $CWD/pidgin-encryption-$PIDGINENC.tar.gz || exit 1 + cd pidgin-encryption-$PIDGINENC + PIDGIN_CFLAGS="-I${PKG}/usr/include/pidgin" \ + PIDGIN_LIBS="-L${PKG}/usr/lib${LIBDIRSUFFIX}" \ + PURPLE_CFLAGS="-I${PKG}/usr/include/libpurple" \ + PURPLE_LIBS="-L${PKG}/usr/lib${LIBDIRSUFFIX}" \ + ./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --disable-static \ + --with-nss-includes=/usr/include/seamonkey/nss \ + --with-nspr-includes=/usr/include/seamonkey/nspr \ + --with-nss-libs=/usr/lib${LIBDIRSUFFIX}/seamonkey/ \ + --with-nspr-libs=/usr/lib${LIBDIRSUFFIX}/seamonkey/ \ + --program-prefix="" \ + --program-suffix="" \ + --build=$ARCH-slackware-linux$ARCHQUADLET || exit 1 + + # Fix install location: + grep -lr -- "lib/perl" . | xargs sed -i 's?lib/perl?lib'"$LIBDIRSUFFIX"'/perl?g' + + make $NUMJOBS || make || exit 1 + make install DESTDIR=$PKG || exit 1 +) || exit 1 +### end add gaim-encryption + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) +fi + +# Compress info files, if any: +if [ -d $PKG/usr/info ]; then + ( cd $PKG/usr/info + rm -f dir + gzip -9 * + ) +fi + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a \ + AUTHORS COPYING COPYRIGHT HACKING INSTALL NEWS PLUGIN_HOWTO README* doc \ + $PKG/usr/doc/${PKGNAM}-$VERSION +( cd $PKG/usr/doc/${PKGNAM}-$VERSION/doc + rm -f Makefile* *.dox *.1 *.in +) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/pidgin/purple-allow-sign-rsa-md5.patch b/patches/source/pidgin/purple-allow-sign-rsa-md5.patch new file mode 100644 index 00000000..d882a6e8 --- /dev/null +++ b/patches/source/pidgin/purple-allow-sign-rsa-md5.patch @@ -0,0 +1,12 @@ +--- libpurple/plugins/ssl/ssl-gnutls.c.old 2008-10-17 18:58:31.000000000 +0200 ++++ libpurple/plugins/ssl/ssl-gnutls.c 2008-10-17 18:53:03.000000000 +0200 +@@ -693,7 +693,8 @@ + (Verisign and possibly others have + root certificates that predate the + current standard) */ +- GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT, ++ GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT ++ | GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5, + &verify); + + if (ret != 0) { diff --git a/patches/source/pidgin/slack-desc b/patches/source/pidgin/slack-desc new file mode 100644 index 00000000..a9aabca1 --- /dev/null +++ b/patches/source/pidgin/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +pidgin: pidgin (GTK+ instant messaging program) +pidgin: +pidgin: Pidgin allows you to talk to anyone using a variety of messaging +pidgin: protocols, including AIM (Oscar and TOC), ICQ, IRC, Yahoo!, MSN +pidgin: Messenger, Jabber, Gadu-Gadu, Napster, and Zephyr. These protocols +pidgin: are implemented using a modular, easy to use design. To use a +pidgin: protocol, just load the plugin for it. +pidgin: +pidgin: For more info, see: http://www.pidgin.im +pidgin: +pidgin: diff --git a/patches/source/polkit/CVE-2011-1485/0001-PolkitUnixProcess-Clarify-that-the-real-uid-is-retur.patch b/patches/source/polkit/CVE-2011-1485/0001-PolkitUnixProcess-Clarify-that-the-real-uid-is-retur.patch new file mode 100644 index 00000000..e448ce95 --- /dev/null +++ b/patches/source/polkit/CVE-2011-1485/0001-PolkitUnixProcess-Clarify-that-the-real-uid-is-retur.patch @@ -0,0 +1,122 @@ +From 83a65f1255fc3eebfb4be1f80a5ab0b5f98eef7c Mon Sep 17 00:00:00 2001 +From: David Zeuthen +Date: Mon, 11 Apr 2011 11:38:22 -0400 +Subject: [PATCH 1/6] PolkitUnixProcess: Clarify that the real uid is + returned, not the effective one + +On Linux, also switch to parsing /proc//status instead of relying +on the st_uid returned by stat(2) to be the uid we want. + +This was pointed out by Neel Mehta . Thanks! + +Signed-off-by: David Zeuthen +--- + src/polkit/polkitunixprocess.c | 58 ++++++++++++++++++++++++++++++++------- + 1 files changed, 47 insertions(+), 11 deletions(-) + +diff --git a/src/polkit/polkitunixprocess.c b/src/polkit/polkitunixprocess.c +index e132387..868e3c5 100644 +--- a/src/polkit/polkitunixprocess.c ++++ b/src/polkit/polkitunixprocess.c +@@ -34,6 +34,7 @@ + #include + #include + #include ++#include + + #include "polkitunixprocess.h" + #include "polkitsubject.h" +@@ -207,6 +208,8 @@ polkit_unix_process_get_pid (PolkitUnixProcess *process) + * + * Gets the uid of the owner of @process. + * ++ * Note that this returns the real user-id (not the effective user-id) of @process. ++ * + * Returns: The UNIX user id of the owner for @process or 0 if @error is set. + **/ + gint +@@ -214,14 +217,18 @@ polkit_unix_process_get_owner (PolkitUnixProcess *process, + GError **error) + { + gint result; ++ gchar *contents; ++ gchar **lines; + #ifdef HAVE_FREEBSD + struct kinfo_proc p; + #else +- struct stat statbuf; +- char procbuf[32]; ++ gchar filename[64]; ++ guint n; + #endif + + result = 0; ++ lines = NULL; ++ contents = NULL; + + #ifdef HAVE_FREEBSD + if (get_kinfo_proc (process->pid, &p) == 0) +@@ -237,22 +244,51 @@ polkit_unix_process_get_owner (PolkitUnixProcess *process, + + result = p.ki_uid; + #else +- g_snprintf (procbuf, sizeof procbuf, "/proc/%d", process->pid); +- if (stat (procbuf, &statbuf) != 0) ++ /* see 'man proc' for layout of the status file ++ * ++ * Uid, Gid: Real, effective, saved set, and file system UIDs (GIDs). ++ */ ++ g_snprintf (filename, sizeof filename, "/proc/%d/status", process->pid); ++ if (!g_file_get_contents (filename, ++ &contents, ++ NULL, ++ error)) + { +- g_set_error (error, +- POLKIT_ERROR, +- POLKIT_ERROR_FAILED, +- "stat() failed for /proc/%d: %s", +- process->pid, +- g_strerror (errno)); + goto out; + } ++ lines = g_strsplit (contents, "\n", -1); ++ for (n = 0; lines != NULL && lines[n] != NULL; n++) ++ { ++ gint real_uid, effective_uid; ++ if (!g_str_has_prefix (lines[n], "Uid:")) ++ continue; ++ if (sscanf (lines[n] + 4, "%d %d", &real_uid, &effective_uid) != 2) ++ { ++ g_set_error (error, ++ POLKIT_ERROR, ++ POLKIT_ERROR_FAILED, ++ "Unexpected line `%s' in file %s", ++ lines[n], ++ filename); ++ goto out; ++ } ++ else ++ { ++ result = real_uid; ++ goto out; ++ } ++ } + +- result = statbuf.st_uid; ++ g_set_error (error, ++ POLKIT_ERROR, ++ POLKIT_ERROR_FAILED, ++ "Didn't find any line starting with `Uid:' in file %s", ++ filename); + #endif + + out: ++ g_strfreev (lines); ++ g_free (contents); + + return result; + } +-- +1.7.4.4 + diff --git a/patches/source/polkit/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch b/patches/source/polkit/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch new file mode 100644 index 00000000..5c70a71e --- /dev/null +++ b/patches/source/polkit/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch @@ -0,0 +1,666 @@ +From 9a44af8ab67d09a2c08be29428b8fe32da809e99 Mon Sep 17 00:00:00 2001 +From: David Zeuthen +Date: Mon, 11 Apr 2011 12:41:00 -0400 +Subject: [PATCH 2/6] Make PolkitUnixProcess also record the uid of the + process + +This is needed to avoid possible TOCTTOU issues since a process can +change both its real uid and effective uid. + +Signed-off-by: David Zeuthen +--- + docs/polkit/polkit-1-sections.txt | 7 +- + src/polkit/polkitsubject.c | 51 ++++-- + src/polkit/polkitunixprocess.c | 350 +++++++++++++++++++++++++----------- + src/polkit/polkitunixprocess.h | 10 + + 4 files changed, 296 insertions(+), 122 deletions(-) + +diff --git a/docs/polkit/polkit-1-sections.txt b/docs/polkit/polkit-1-sections.txt +index ac902b6..7f42cd2 100644 +--- a/docs/polkit/polkit-1-sections.txt ++++ b/docs/polkit/polkit-1-sections.txt +@@ -148,10 +148,13 @@ POLKIT_UNIX_SESSION_GET_CLASS + PolkitUnixProcess + polkit_unix_process_new + polkit_unix_process_new_full ++polkit_unix_process_new_for_owner ++polkit_unix_process_set_pid + polkit_unix_process_get_pid ++polkit_unix_process_set_start_time + polkit_unix_process_get_start_time +-polkit_unix_process_set_pid +-polkit_unix_process_get_owner ++polkit_unix_process_set_uid ++polkit_unix_process_get_uid + + PolkitUnixProcessClass + POLKIT_UNIX_PROCESS +diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c +index d5039a5..02c707b 100644 +--- a/src/polkit/polkitsubject.c ++++ b/src/polkit/polkitsubject.c +@@ -24,6 +24,7 @@ + #endif + + #include ++#include + + #include "polkitsubject.h" + #include "polkitunixprocess.h" +@@ -209,8 +210,6 @@ polkit_subject_from_string (const gchar *str, + GError **error) + { + PolkitSubject *subject; +- guint64 val; +- gchar *endptr; + + g_return_val_if_fail (str != NULL, NULL); + +@@ -220,12 +219,20 @@ polkit_subject_from_string (const gchar *str, + + if (g_str_has_prefix (str, "unix-process:")) + { +- val = g_ascii_strtoull (str + sizeof "unix-process:" - 1, +- &endptr, +- 10); +- if (*endptr == '\0') ++ gint scanned_pid; ++ guint64 scanned_starttime; ++ gint scanned_uid; ++ if (sscanf (str, "unix-process:%d:%" G_GUINT64_FORMAT ":%d", &scanned_pid, &scanned_starttime, &scanned_uid) == 3) + { +- subject = polkit_unix_process_new ((gint) val); ++ subject = polkit_unix_process_new_for_owner (scanned_pid, scanned_starttime, scanned_uid); ++ } ++ else if (sscanf (str, "unix-process:%d:%" G_GUINT64_FORMAT, &scanned_pid, &scanned_starttime) == 2) ++ { ++ subject = polkit_unix_process_new_full (scanned_pid, scanned_starttime); ++ } ++ else if (sscanf (str, "unix-process:%d", &scanned_pid) == 1) ++ { ++ subject = polkit_unix_process_new (scanned_pid); + if (polkit_unix_process_get_start_time (POLKIT_UNIX_PROCESS (subject)) == 0) + { + g_object_unref (subject); +@@ -233,8 +240,8 @@ polkit_subject_from_string (const gchar *str, + g_set_error (error, + POLKIT_ERROR, + POLKIT_ERROR_FAILED, +- "No process with pid %" G_GUINT64_FORMAT, +- val); ++ "Unable to determine start time for process with pid %d", ++ scanned_pid); + } + } + } +@@ -268,6 +275,7 @@ polkit_subject_new_for_real (_PolkitSubject *real) + EggDBusHashMap *details; + EggDBusVariant *variant; + EggDBusVariant *variant2; ++ EggDBusVariant *variant3; + + s = NULL; + +@@ -281,10 +289,24 @@ polkit_subject_new_for_real (_PolkitSubject *real) + else if (strcmp (kind, "unix-process") == 0) + { + variant = egg_dbus_hash_map_lookup (details, "pid"); +- variant2 = egg_dbus_hash_map_lookup (details, "start-time"); +- if (variant != NULL && variant2 != NULL) +- s = polkit_unix_process_new_full (egg_dbus_variant_get_uint (variant), +- egg_dbus_variant_get_uint64 (variant2)); ++ if (variant != NULL && egg_dbus_variant_is_uint (variant)) ++ { ++ gint pid; ++ guint64 start_time; ++ gint uid; ++ variant2 = egg_dbus_hash_map_lookup (details, "start-time"); ++ pid = egg_dbus_variant_get_uint (variant); ++ if (variant2 != NULL && egg_dbus_variant_is_uint64 (variant2)) ++ start_time = egg_dbus_variant_get_uint64 (variant2); ++ else ++ start_time = 0; ++ variant3 = egg_dbus_hash_map_lookup (details, "uid"); ++ if (variant3 != NULL && egg_dbus_variant_is_int (variant3)) ++ uid = egg_dbus_variant_get_int (variant3); ++ else ++ uid = -1; ++ s = polkit_unix_process_new_for_owner (pid, start_time, uid); ++ } + } + else if (strcmp (kind, "unix-session") == 0) + { +@@ -330,6 +352,9 @@ polkit_subject_get_real (PolkitSubject *subject) + egg_dbus_hash_map_insert (details, + "start-time", + egg_dbus_variant_new_for_uint64 (polkit_unix_process_get_start_time (POLKIT_UNIX_PROCESS (subject)))); ++ egg_dbus_hash_map_insert (details, ++ "uid", ++ egg_dbus_variant_new_for_int (polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (subject)))); + } + else if (POLKIT_IS_UNIX_SESSION (subject)) + { +diff --git a/src/polkit/polkitunixprocess.c b/src/polkit/polkitunixprocess.c +index 868e3c5..eb455f6 100644 +--- a/src/polkit/polkitunixprocess.c ++++ b/src/polkit/polkitunixprocess.c +@@ -64,6 +64,7 @@ struct _PolkitUnixProcess + + gint pid; + guint64 start_time; ++ gint uid; + }; + + struct _PolkitUnixProcessClass +@@ -76,6 +77,7 @@ enum + PROP_0, + PROP_PID, + PROP_START_TIME, ++ PROP_UID + }; + + static void subject_iface_init (PolkitSubjectIface *subject_iface); +@@ -83,6 +85,9 @@ static void subject_iface_init (PolkitSubjectIface *subject_iface); + static guint64 get_start_time_for_pid (gint pid, + GError **error); + ++static gint _polkit_unix_process_get_owner (PolkitUnixProcess *process, ++ GError **error); ++ + #ifdef HAVE_FREEBSD + static gboolean get_kinfo_proc (gint pid, struct kinfo_proc *p); + #endif +@@ -94,6 +99,7 @@ G_DEFINE_TYPE_WITH_CODE (PolkitUnixProcess, polkit_unix_process, G_TYPE_OBJECT, + static void + polkit_unix_process_init (PolkitUnixProcess *unix_process) + { ++ unix_process->uid = -1; + } + + static void +@@ -110,6 +116,10 @@ polkit_unix_process_get_property (GObject *object, + g_value_set_int (value, unix_process->pid); + break; + ++ case PROP_UID: ++ g_value_set_int (value, unix_process->uid); ++ break; ++ + case PROP_START_TIME: + g_value_set_uint64 (value, unix_process->start_time); + break; +@@ -134,6 +144,14 @@ polkit_unix_process_set_property (GObject *object, + polkit_unix_process_set_pid (unix_process, g_value_get_int (value)); + break; + ++ case PROP_UID: ++ polkit_unix_process_set_uid (unix_process, g_value_get_int (value)); ++ break; ++ ++ case PROP_START_TIME: ++ polkit_unix_process_set_start_time (unix_process, g_value_get_uint64 (value)); ++ break; ++ + default: + G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); + break; +@@ -141,12 +159,39 @@ polkit_unix_process_set_property (GObject *object, + } + + static void ++polkit_unix_process_constructed (GObject *object) ++{ ++ PolkitUnixProcess *process = POLKIT_UNIX_PROCESS (object); ++ ++ /* sets start_time and uid in case they are unset */ ++ ++ if (process->start_time == 0) ++ process->start_time = get_start_time_for_pid (process->pid, NULL); ++ ++ if (process->uid == -1) ++ { ++ GError *error; ++ error = NULL; ++ process->uid = _polkit_unix_process_get_owner (process, &error); ++ if (error != NULL) ++ { ++ process->uid = -1; ++ g_error_free (error); ++ } ++ } ++ ++ if (G_OBJECT_CLASS (polkit_unix_process_parent_class)->constructed != NULL) ++ G_OBJECT_CLASS (polkit_unix_process_parent_class)->constructed (object); ++} ++ ++static void + polkit_unix_process_class_init (PolkitUnixProcessClass *klass) + { + GObjectClass *gobject_class = G_OBJECT_CLASS (klass); + + gobject_class->get_property = polkit_unix_process_get_property; + gobject_class->set_property = polkit_unix_process_set_property; ++ gobject_class->constructed = polkit_unix_process_constructed; + + /** + * PolkitUnixProcess:pid: +@@ -158,7 +203,7 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass) + g_param_spec_int ("pid", + "Process ID", + "The UNIX process ID", +- -1, ++ 0, + G_MAXINT, + 0, + G_PARAM_CONSTRUCT | +@@ -168,6 +213,27 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass) + G_PARAM_STATIC_NICK)); + + /** ++ * PolkitUnixProcess:uid: ++ * ++ * The UNIX user id of the process or -1 if unknown. ++ * ++ * Note that this is the real user-id, not the effective user-id. ++ */ ++ g_object_class_install_property (gobject_class, ++ PROP_UID, ++ g_param_spec_int ("uid", ++ "User ID", ++ "The UNIX user ID", ++ -1, ++ G_MAXINT, ++ -1, ++ G_PARAM_CONSTRUCT | ++ G_PARAM_READWRITE | ++ G_PARAM_STATIC_NAME | ++ G_PARAM_STATIC_BLURB | ++ G_PARAM_STATIC_NICK)); ++ ++ /** + * PolkitUnixProcess:start-time: + * + * The start time of the process. +@@ -180,7 +246,8 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass) + 0, + G_MAXUINT64, + 0, +- G_PARAM_READABLE | ++ G_PARAM_CONSTRUCT | ++ G_PARAM_READWRITE | + G_PARAM_STATIC_NAME | + G_PARAM_STATIC_BLURB | + G_PARAM_STATIC_NICK)); +@@ -188,109 +255,50 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass) + } + + /** +- * polkit_unix_process_get_pid: ++ * polkit_unix_process_get_uid: + * @process: A #PolkitUnixProcess. + * +- * Gets the process id for @process. ++ * Gets the user id for @process. Note that this is the real user-id, ++ * not the effective user-id. + * +- * Returns: The process id for @process. ++ * Returns: The user id for @process or -1 if unknown. + */ + gint +-polkit_unix_process_get_pid (PolkitUnixProcess *process) ++polkit_unix_process_get_uid (PolkitUnixProcess *process) + { +- return process->pid; ++ g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), -1); ++ return process->uid; + } + + /** +- * polkit_unix_process_get_owner: ++ * polkit_unix_process_set_uid: + * @process: A #PolkitUnixProcess. +- * @error: Return location for error or %NULL. ++ * @uid: The user id to set for @process or -1 to unset it. + * +- * Gets the uid of the owner of @process. ++ * Sets the (real, not effective) user id for @process. ++ */ ++void ++polkit_unix_process_set_uid (PolkitUnixProcess *process, ++ gint uid) ++{ ++ g_return_if_fail (POLKIT_IS_UNIX_PROCESS (process)); ++ g_return_if_fail (uid >= -1); ++ process->uid = uid; ++} ++ ++/** ++ * polkit_unix_process_get_pid: ++ * @process: A #PolkitUnixProcess. + * +- * Note that this returns the real user-id (not the effective user-id) of @process. ++ * Gets the process id for @process. + * +- * Returns: The UNIX user id of the owner for @process or 0 if @error is set. +- **/ ++ * Returns: The process id for @process. ++ */ + gint +-polkit_unix_process_get_owner (PolkitUnixProcess *process, +- GError **error) ++polkit_unix_process_get_pid (PolkitUnixProcess *process) + { +- gint result; +- gchar *contents; +- gchar **lines; +-#ifdef HAVE_FREEBSD +- struct kinfo_proc p; +-#else +- gchar filename[64]; +- guint n; +-#endif +- +- result = 0; +- lines = NULL; +- contents = NULL; +- +-#ifdef HAVE_FREEBSD +- if (get_kinfo_proc (process->pid, &p) == 0) +- { +- g_set_error (error, +- POLKIT_ERROR, +- POLKIT_ERROR_FAILED, +- "get_kinfo_proc() failed for pid %d: %s", +- process->pid, +- g_strerror (errno)); +- goto out; +- } +- +- result = p.ki_uid; +-#else +- /* see 'man proc' for layout of the status file +- * +- * Uid, Gid: Real, effective, saved set, and file system UIDs (GIDs). +- */ +- g_snprintf (filename, sizeof filename, "/proc/%d/status", process->pid); +- if (!g_file_get_contents (filename, +- &contents, +- NULL, +- error)) +- { +- goto out; +- } +- lines = g_strsplit (contents, "\n", -1); +- for (n = 0; lines != NULL && lines[n] != NULL; n++) +- { +- gint real_uid, effective_uid; +- if (!g_str_has_prefix (lines[n], "Uid:")) +- continue; +- if (sscanf (lines[n] + 4, "%d %d", &real_uid, &effective_uid) != 2) +- { +- g_set_error (error, +- POLKIT_ERROR, +- POLKIT_ERROR_FAILED, +- "Unexpected line `%s' in file %s", +- lines[n], +- filename); +- goto out; +- } +- else +- { +- result = real_uid; +- goto out; +- } +- } +- +- g_set_error (error, +- POLKIT_ERROR, +- POLKIT_ERROR_FAILED, +- "Didn't find any line starting with `Uid:' in file %s", +- filename); +-#endif +- +- out: +- g_strfreev (lines); +- g_free (contents); +- +- return result; ++ g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), 0); ++ return process->pid; + } + + /** +@@ -304,10 +312,26 @@ polkit_unix_process_get_owner (PolkitUnixProcess *process, + guint64 + polkit_unix_process_get_start_time (PolkitUnixProcess *process) + { ++ g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), 0); + return process->start_time; + } + + /** ++ * polkit_unix_process_set_start_time: ++ * @process: A #PolkitUnixProcess. ++ * @start_time: The start time for @pid. ++ * ++ * Set the start time of @process. ++ */ ++void ++polkit_unix_process_set_start_time (PolkitUnixProcess *process, ++ guint64 start_time) ++{ ++ g_return_if_fail (POLKIT_IS_UNIX_PROCESS (process)); ++ process->start_time = start_time; ++} ++ ++/** + * polkit_unix_process_set_pid: + * @process: A #PolkitUnixProcess. + * @pid: A process id. +@@ -318,21 +342,21 @@ void + polkit_unix_process_set_pid (PolkitUnixProcess *process, + gint pid) + { ++ g_return_if_fail (POLKIT_IS_UNIX_PROCESS (process)); + process->pid = pid; +- if (pid != (gint) -1) +- process->start_time = get_start_time_for_pid (pid, NULL); + } + + /** + * polkit_unix_process_new: + * @pid: The process id. + * +- * Creates a new #PolkitUnixProcess for @pid. The start time of the +- * process will be looked up in using e.g. the +- * /proc filesystem depending on the platform in +- * use. ++ * Creates a new #PolkitUnixProcess for @pid. + * +- * Returns: A #PolkitSubject. Free with g_object_unref(). ++ * The uid and start time of the process will be looked up in using ++ * e.g. the /proc filesystem depending on the ++ * platform in use. ++ * ++ * Returns: (transfer full): A #PolkitSubject. Free with g_object_unref(). + */ + PolkitSubject * + polkit_unix_process_new (gint pid) +@@ -349,22 +373,42 @@ polkit_unix_process_new (gint pid) + * + * Creates a new #PolkitUnixProcess object for @pid and @start_time. + * +- * Returns: A #PolkitSubject. Free with g_object_unref(). ++ * The uid of the process will be looked up in using e.g. the ++ * /proc filesystem depending on the platform in ++ * use. ++ * ++ * Returns: (transfer full): A #PolkitSubject. Free with g_object_unref(). + */ + PolkitSubject * + polkit_unix_process_new_full (gint pid, + guint64 start_time) + { +- PolkitUnixProcess *process; +- +- process = POLKIT_UNIX_PROCESS (polkit_unix_process_new ((gint) -1)); +- process->pid = pid; +- if (start_time != 0) +- process->start_time = start_time; +- else +- process->start_time = get_start_time_for_pid (pid, NULL); ++ return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_PROCESS, ++ "pid", pid, ++ "start_time", start_time, ++ NULL)); ++} + +- return POLKIT_SUBJECT (process); ++/** ++ * polkit_unix_process_new_for_owner: ++ * @pid: The process id. ++ * @start_time: The start time for @pid or 0 to look it up in e.g. /proc. ++ * @uid: The (real, not effective) uid of the owner of @pid or -1 to look it up in e.g. /proc. ++ * ++ * Creates a new #PolkitUnixProcess object for @pid, @start_time and @uid. ++ * ++ * Returns: (transfer full): A #PolkitSubject. Free with g_object_unref(). ++ */ ++PolkitSubject * ++polkit_unix_process_new_for_owner (gint pid, ++ guint64 start_time, ++ gint uid) ++{ ++ return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_PROCESS, ++ "pid", pid, ++ "start_time", start_time, ++ "uid", uid, ++ NULL)); + } + + static guint +@@ -612,3 +656,95 @@ out: + + return start_time; + } ++ ++static gint ++_polkit_unix_process_get_owner (PolkitUnixProcess *process, ++ GError **error) ++{ ++ gint result; ++ gchar *contents; ++ gchar **lines; ++#ifdef HAVE_FREEBSD ++ struct kinfo_proc p; ++#else ++ gchar filename[64]; ++ guint n; ++#endif ++ ++ g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), 0); ++ g_return_val_if_fail (error == NULL || *error == NULL, 0); ++ ++ result = 0; ++ lines = NULL; ++ contents = NULL; ++ ++#ifdef HAVE_FREEBSD ++ if (get_kinfo_proc (process->pid, &p) == 0) ++ { ++ g_set_error (error, ++ POLKIT_ERROR, ++ POLKIT_ERROR_FAILED, ++ "get_kinfo_proc() failed for pid %d: %s", ++ process->pid, ++ g_strerror (errno)); ++ goto out; ++ } ++ ++ result = p.ki_uid; ++#else ++ ++ /* see 'man proc' for layout of the status file ++ * ++ * Uid, Gid: Real, effective, saved set, and file system UIDs (GIDs). ++ */ ++ g_snprintf (filename, sizeof filename, "/proc/%d/status", process->pid); ++ if (!g_file_get_contents (filename, ++ &contents, ++ NULL, ++ error)) ++ { ++ goto out; ++ } ++ lines = g_strsplit (contents, "\n", -1); ++ for (n = 0; lines != NULL && lines[n] != NULL; n++) ++ { ++ gint real_uid, effective_uid; ++ if (!g_str_has_prefix (lines[n], "Uid:")) ++ continue; ++ if (sscanf (lines[n] + 4, "%d %d", &real_uid, &effective_uid) != 2) ++ { ++ g_set_error (error, ++ POLKIT_ERROR, ++ POLKIT_ERROR_FAILED, ++ "Unexpected line `%s' in file %s", ++ lines[n], ++ filename); ++ goto out; ++ } ++ else ++ { ++ result = real_uid; ++ goto out; ++ } ++ } ++ ++ g_set_error (error, ++ POLKIT_ERROR, ++ POLKIT_ERROR_FAILED, ++ "Didn't find any line starting with `Uid:' in file %s", ++ filename); ++#endif ++ ++out: ++ g_strfreev (lines); ++ g_free (contents); ++ return result; ++} ++ ++/* deprecated public method */ ++gint ++polkit_unix_process_get_owner (PolkitUnixProcess *process, ++ GError **error) ++{ ++ return _polkit_unix_process_get_owner (process, error); ++} +diff --git a/src/polkit/polkitunixprocess.h b/src/polkit/polkitunixprocess.h +index b88cd03..68c7fd7 100644 +--- a/src/polkit/polkitunixprocess.h ++++ b/src/polkit/polkitunixprocess.h +@@ -50,11 +50,21 @@ GType polkit_unix_process_get_type (void) G_GNUC_CONST; + PolkitSubject *polkit_unix_process_new (gint pid); + PolkitSubject *polkit_unix_process_new_full (gint pid, + guint64 start_time); ++PolkitSubject *polkit_unix_process_new_for_owner (gint pid, ++ guint64 start_time, ++ gint uid); + + gint polkit_unix_process_get_pid (PolkitUnixProcess *process); ++gint polkit_unix_process_get_uid (PolkitUnixProcess *process); + guint64 polkit_unix_process_get_start_time (PolkitUnixProcess *process); + void polkit_unix_process_set_pid (PolkitUnixProcess *process, + gint pid); ++void polkit_unix_process_set_uid (PolkitUnixProcess *process, ++ gint uid); ++void polkit_unix_process_set_start_time (PolkitUnixProcess *process, ++ guint64 start_time); ++ ++G_GNUC_DEPRECATED + gint polkit_unix_process_get_owner (PolkitUnixProcess *process, + GError **error); + +-- +1.7.4.4 + diff --git a/patches/source/polkit/CVE-2011-1485/0003-Use-polkit_unix_process_get_uid-to-get-the-owner-of-.patch b/patches/source/polkit/CVE-2011-1485/0003-Use-polkit_unix_process_get_uid-to-get-the-owner-of-.patch new file mode 100644 index 00000000..b7d53752 --- /dev/null +++ b/patches/source/polkit/CVE-2011-1485/0003-Use-polkit_unix_process_get_uid-to-get-the-owner-of-.patch @@ -0,0 +1,41 @@ +From 55e6f92e7340d57a66f83bd69bdf26454fdf7533 Mon Sep 17 00:00:00 2001 +From: David Zeuthen +Date: Mon, 11 Apr 2011 12:41:35 -0400 +Subject: [PATCH 3/6] Use polkit_unix_process_get_uid() to get the owner of a + process + +This avoids a TOCTTOU problem. + +Signed-off-by: David Zeuthen +--- + src/polkitbackend/polkitbackendsessionmonitor.c | 13 ++++++------- + 1 files changed, 6 insertions(+), 7 deletions(-) + +diff --git a/src/polkitbackend/polkitbackendsessionmonitor.c b/src/polkitbackend/polkitbackendsessionmonitor.c +index 2028250..d976514 100644 +--- a/src/polkitbackend/polkitbackendsessionmonitor.c ++++ b/src/polkitbackend/polkitbackendsessionmonitor.c +@@ -418,14 +418,13 @@ polkit_backend_session_monitor_get_user_for_subject (PolkitBackendSessionMonitor + + if (POLKIT_IS_UNIX_PROCESS (subject)) + { +- GError *local_error; +- +- local_error = NULL; +- uid = polkit_unix_process_get_owner (POLKIT_UNIX_PROCESS (subject), &local_error); +- if (local_error != NULL) ++ uid = polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (subject)); ++ if ((gint) uid == -1) + { +- g_propagate_error (error, local_error); +- g_error_free (local_error); ++ g_set_error (error, ++ POLKIT_ERROR, ++ POLKIT_ERROR_FAILED, ++ "Unix process subject does not have uid set"); + goto out; + } + user = polkit_unix_user_new (uid); +-- +1.7.4.4 + diff --git a/patches/source/polkit/CVE-2011-1485/0004-pkexec-Avoid-TOCTTOU-problems-with-parent-process.patch b/patches/source/polkit/CVE-2011-1485/0004-pkexec-Avoid-TOCTTOU-problems-with-parent-process.patch new file mode 100644 index 00000000..e17947a9 --- /dev/null +++ b/patches/source/polkit/CVE-2011-1485/0004-pkexec-Avoid-TOCTTOU-problems-with-parent-process.patch @@ -0,0 +1,97 @@ +--- ./src/programs/pkexec.c.orig 2010-03-10 11:46:19.000000000 -0600 ++++ ./src/programs/pkexec.c 2011-04-19 23:14:40.505000017 -0500 +@@ -38,6 +38,10 @@ + #include + #include + ++#ifdef __linux__ ++#include ++#endif ++ + #include + + static gchar *original_user_name = NULL; +@@ -410,7 +414,6 @@ + GPtrArray *saved_env; + gchar *opt_user; + pid_t pid_of_caller; +- uid_t uid_of_caller; + + ret = 127; + authority = NULL; +@@ -578,40 +581,49 @@ + */ + g_type_init (); + +- /* now check if the program that invoked us is authorized */ ++ /* make sure we are nuked if the parent process dies */ ++#ifdef __linux__ ++ if (prctl (PR_SET_PDEATHSIG, SIGTERM) != 0) ++ { ++ g_printerr ("prctl(PR_SET_PDEATHSIG, SIGTERM) failed: %s\n", g_strerror (errno)); ++ goto out; ++ } ++#else ++#warning "Please add OS specific code to catch when the parent dies" ++#endif ++ ++ /* Figure out the parent process */ + pid_of_caller = getppid (); + if (pid_of_caller == 1) + { + /* getppid() can return 1 if the parent died (meaning that we are reaped +- * by /sbin/init); get process group leader instead - for example, this +- * happens when launching via gnome-panel (alt+f2, then 'pkexec gedit'). ++ * by /sbin/init); In that case we simpy bail. + */ +- pid_of_caller = getpgrp (); +- } +- +- subject = polkit_unix_process_new (pid_of_caller); +- if (subject == NULL) +- { +- g_printerr ("No such process for pid %d: %s\n", (gint) pid_of_caller, error->message); +- g_error_free (error); ++ g_printerr ("Refusing to render service to dead parents.\n"); + goto out; + } + +- /* paranoia: check that the uid of pid_of_caller matches getuid() */ +- error = NULL; +- uid_of_caller = polkit_unix_process_get_owner (POLKIT_UNIX_PROCESS (subject), +- &error); +- if (error != NULL) +- { +- g_printerr ("Error determing pid of caller (pid %d): %s\n", (gint) pid_of_caller, error->message); +- g_error_free (error); +- goto out; +- } +- if (uid_of_caller != getuid ()) +- { +- g_printerr ("User of caller (%d) does not match our uid (%d)\n", uid_of_caller, getuid ()); +- goto out; +- } ++ /* This process we want to check an authorization for is the process ++ * that launched us - our parent process. ++ * ++ * At the time the parent process fork()'ed and exec()'ed us, the ++ * process had the same real-uid that we have now. So we use this ++ * real-uid instead of of looking it up to avoid TOCTTOU issues ++ * (consider the parent process exec()'ing a setuid helper). ++ * ++ * On the other hand, the monotonic process start-time is guaranteed ++ * to never change so it's safe to look that up given only the PID ++ * since we are guaranteed to be nuked if the parent goes away ++ * (cf. the prctl(2) call above). ++ */ ++ subject = polkit_unix_process_new_for_owner (pid_of_caller, ++ 0, /* 0 means "look up start-time in /proc" */ ++ getuid ()); ++ /* really double-check the invariants guaranteed by the PolkitUnixProcess class */ ++ g_assert (subject != NULL); ++ g_assert (polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (subject)) == pid_of_caller); ++ g_assert (polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (subject)) >= 0); ++ g_assert (polkit_unix_process_get_start_time (POLKIT_UNIX_PROCESS (subject)) > 0); + + authority = polkit_authority_get (); + diff --git a/patches/source/polkit/polkit-1-shadow.diff b/patches/source/polkit/polkit-1-shadow.diff new file mode 100644 index 00000000..56e24277 --- /dev/null +++ b/patches/source/polkit/polkit-1-shadow.diff @@ -0,0 +1,1030 @@ +diff --git a/src/polkitagent/Makefile.am b/src/polkitagent/Makefile.am +index 3f38329..e114d01 100644 +--- a/src/polkitagent/Makefile.am ++++ b/src/polkitagent/Makefile.am +@@ -68,8 +68,15 @@ libpolkit_agent_1_la_LDFLAGS = -export-symbols-regex '(^polkit_.*)' + libexec_PROGRAMS = polkit-agent-helper-1 + + polkit_agent_helper_1_SOURCES = \ +- polkitagenthelper.c \ +- $(NULL) ++ polkitagenthelperprivate.c polkitagenthelperprivate.h ++ ++if POLKIT_AUTHFW_PAM ++polkit_agent_helper_1_SOURCES += polkitagenthelper-pam.c ++endif ++if POLKIT_AUTHFW_SHADOW ++polkit_agent_helper_1_SOURCES += polkitagenthelper-shadow.c ++endif ++polkit_agent_helper_1_SOURCES += $(NULL) + + polkit_agent_helper_1_CFLAGS = \ + -D_POLKIT_COMPILATION \ +diff --git a/src/polkitagent/polkitagenthelper-pam.c b/src/polkitagent/polkitagenthelper-pam.c +new file mode 100644 +index 0000000..4c6c6fb +--- /dev/null ++++ b/src/polkitagent/polkitagenthelper-pam.c +@@ -0,0 +1,264 @@ ++/* ++ * Copyright (C) 2008, 2010 Red Hat, Inc. ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General ++ * Public License along with this library; if not, write to the ++ * Free Software Foundation, Inc., 59 Temple Place, Suite 330, ++ * Boston, MA 02111-1307, USA. ++ * ++ * Author: David Zeuthen ++ */ ++ ++#include "config.h" ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++#include "polkitagenthelperprivate.h" ++ ++static int conversation_function (int n, const struct pam_message **msg, struct pam_response **resp, void *data); ++ ++int ++main (int argc, char *argv[]) ++{ ++ int rc; ++ const char *user_to_auth; ++ const char *cookie; ++ struct pam_conv pam_conversation; ++ pam_handle_t *pam_h; ++ const void *authed_user; ++ ++ rc = 0; ++ pam_h = NULL; ++ ++ /* clear the entire environment to avoid attacks using with libraries honoring environment variables */ ++ if (clearenv () != 0) ++ goto error; ++ ++ /* set a minimal environment */ ++ setenv ("PATH", "/usr/sbin:/usr/bin:/sbin:/bin", 1); ++ ++ /* check that we are setuid root */ ++ if (geteuid () != 0) ++ { ++ fprintf (stderr, "polkit-agent-helper-1: needs to be setuid root\n"); ++ goto error; ++ } ++ ++ openlog ("polkit-agent-helper-1", LOG_CONS | LOG_PID, LOG_AUTHPRIV); ++ ++ /* check for correct invocation */ ++ if (argc != 3) ++ { ++ syslog (LOG_NOTICE, "inappropriate use of helper, wrong number of arguments [uid=%d]", getuid ()); ++ fprintf (stderr, "polkit-agent-helper-1: wrong number of arguments. This incident has been logged.\n"); ++ goto error; ++ } ++ ++ user_to_auth = argv[1]; ++ cookie = argv[2]; ++ ++ if (getuid () != 0) ++ { ++ /* check we're running with a non-tty stdin */ ++ if (isatty (STDIN_FILENO) != 0) ++ { ++ syslog (LOG_NOTICE, "inappropriate use of helper, stdin is a tty [uid=%d]", getuid ()); ++ fprintf (stderr, "polkit-agent-helper-1: inappropriate use of helper, stdin is a tty. This incident has been logged.\n"); ++ goto error; ++ } ++ } ++ ++#ifdef PAH_DEBUG ++ fprintf (stderr, "polkit-agent-helper-1: user to auth is '%s'.\n", user_to_auth); ++#endif /* PAH_DEBUG */ ++ ++ pam_conversation.conv = conversation_function; ++ pam_conversation.appdata_ptr = NULL; ++ ++ /* start the pam stack */ ++ rc = pam_start ("polkit-1", ++ user_to_auth, ++ &pam_conversation, ++ &pam_h); ++ if (rc != PAM_SUCCESS) ++ { ++ fprintf (stderr, "polkit-agent-helper-1: pam_start failed: %s\n", pam_strerror (pam_h, rc)); ++ goto error; ++ } ++ ++ /* set the requesting user */ ++ rc = pam_set_item (pam_h, PAM_RUSER, user_to_auth); ++ if (rc != PAM_SUCCESS) ++ { ++ fprintf (stderr, "polkit-agent-helper-1: pam_set_item failed: %s\n", pam_strerror (pam_h, rc)); ++ goto error; ++ } ++ ++ /* is user really user? */ ++ rc = pam_authenticate (pam_h, 0); ++ if (rc != PAM_SUCCESS) ++ { ++ fprintf (stderr, "polkit-agent-helper-1: pam_authenticated failed: %s\n", pam_strerror (pam_h, rc)); ++ goto error; ++ } ++ ++ /* permitted access? */ ++ rc = pam_acct_mgmt (pam_h, 0); ++ if (rc != PAM_SUCCESS) ++ { ++ fprintf (stderr, "polkit-agent-helper-1: pam_acct_mgmt failed: %s\n", pam_strerror (pam_h, rc)); ++ goto error; ++ } ++ ++ /* did we auth the right user? */ ++ rc = pam_get_item (pam_h, PAM_USER, &authed_user); ++ if (rc != PAM_SUCCESS) ++ { ++ fprintf (stderr, "polkit-agent-helper-1: pam_get_item failed: %s\n", pam_strerror (pam_h, rc)); ++ goto error; ++ } ++ ++ if (strcmp (authed_user, user_to_auth) != 0) ++ { ++ fprintf (stderr, "polkit-agent-helper-1: Tried to auth user '%s' but we got auth for user '%s' instead", ++ user_to_auth, (const char *) authed_user); ++ goto error; ++ } ++ ++#ifdef PAH_DEBUG ++ fprintf (stderr, "polkit-agent-helper-1: successfully authenticated user '%s'.\n", user_to_auth); ++#endif /* PAH_DEBUG */ ++ ++ pam_end (pam_h, rc); ++ pam_h = NULL; ++ ++#ifdef PAH_DEBUG ++ fprintf (stderr, "polkit-agent-helper-1: sending D-Bus message to PolicyKit daemon\n"); ++#endif /* PAH_DEBUG */ ++ ++ /* now send a D-Bus message to the PolicyKit daemon that ++ * includes a) the cookie; and b) the user we authenticated ++ */ ++ if (!send_dbus_message (cookie, user_to_auth)) ++ { ++#ifdef PAH_DEBUG ++ fprintf (stderr, "polkit-agent-helper-1: error sending D-Bus message to PolicyKit daemon\n"); ++#endif /* PAH_DEBUG */ ++ goto error; ++ } ++ ++#ifdef PAH_DEBUG ++ fprintf (stderr, "polkit-agent-helper-1: successfully sent D-Bus message to PolicyKit daemon\n"); ++#endif /* PAH_DEBUG */ ++ ++ fprintf (stdout, "SUCCESS\n"); ++ flush_and_wait(); ++ return 0; ++ ++error: ++ if (pam_h != NULL) ++ pam_end (pam_h, rc); ++ ++ fprintf (stdout, "FAILURE\n"); ++ flush_and_wait(); ++ return 1; ++} ++ ++static int ++conversation_function (int n, const struct pam_message **msg, struct pam_response **resp, void *data) ++{ ++ struct pam_response *aresp; ++ char buf[PAM_MAX_RESP_SIZE]; ++ int i; ++ ++ data = data; ++ if (n <= 0 || n > PAM_MAX_NUM_MSG) ++ return PAM_CONV_ERR; ++ ++ if ((aresp = calloc(n, sizeof *aresp)) == NULL) ++ return PAM_BUF_ERR; ++ ++ for (i = 0; i < n; ++i) ++ { ++ aresp[i].resp_retcode = 0; ++ aresp[i].resp = NULL; ++ switch (msg[i]->msg_style) ++ { ++ ++ case PAM_PROMPT_ECHO_OFF: ++ fprintf (stdout, "PAM_PROMPT_ECHO_OFF "); ++ goto conv1; ++ ++ case PAM_PROMPT_ECHO_ON: ++ fprintf (stdout, "PAM_PROMPT_ECHO_ON "); ++ conv1: ++ fputs (msg[i]->msg, stdout); ++ if (strlen (msg[i]->msg) > 0 && msg[i]->msg[strlen (msg[i]->msg) - 1] != '\n') ++ fputc ('\n', stdout); ++ fflush (stdout); ++ ++ if (fgets (buf, sizeof buf, stdin) == NULL) ++ goto error; ++ ++ if (strlen (buf) > 0 && ++ buf[strlen (buf) - 1] == '\n') ++ buf[strlen (buf) - 1] = '\0'; ++ ++ aresp[i].resp = strdup (buf); ++ if (aresp[i].resp == NULL) ++ goto error; ++ break; ++ ++ case PAM_ERROR_MSG: ++ fprintf (stdout, "PAM_ERROR_MSG "); ++ goto conv2; ++ ++ case PAM_TEXT_INFO: ++ fprintf (stdout, "PAM_TEXT_INFO "); ++ conv2: ++ fputs (msg[i]->msg, stdout); ++ if (strlen (msg[i]->msg) > 0 && ++ msg[i]->msg[strlen (msg[i]->msg) - 1] != '\n') ++ fputc ('\n', stdout); ++ fflush (stdout); ++ break; ++ ++ default: ++ goto error; ++ } ++ } ++ ++ *resp = aresp; ++ return PAM_SUCCESS; ++ ++error: ++ ++ for (i = 0; i < n; ++i) ++ { ++ if (aresp[i].resp != NULL) { ++ memset (aresp[i].resp, 0, strlen(aresp[i].resp)); ++ free (aresp[i].resp); ++ } ++ } ++ memset (aresp, 0, n * sizeof *aresp); ++ *resp = NULL; ++ return PAM_CONV_ERR; ++} ++ +diff --git a/src/polkitagent/polkitagenthelper-shadow.c b/src/polkitagent/polkitagenthelper-shadow.c +new file mode 100644 +index 0000000..7435533 +--- /dev/null ++++ b/src/polkitagent/polkitagenthelper-shadow.c +@@ -0,0 +1,189 @@ ++/* ++ * Copyright (C) 2008 Red Hat, Inc. ++ * Copyright (C) 2009-2010 Andrew Psaltis ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General ++ * Public License along with this library; if not, write to the ++ * Free Software Foundation, Inc., 59 Temple Place, Suite 330, ++ * Boston, MA 02111-1307, USA. ++ * ++ * Authors: Andrew Psaltis , based on ++ * polkitagenthelper.c which was written by ++ * David Zeuthen ++ */ ++ ++#include "config.h" ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++#include "polkitagenthelperprivate.h" ++ ++ ++extern char *crypt (); ++static int shadow_authenticate (struct spwd *shadow); ++ ++int ++main (int argc, char *argv[]) ++{ ++ struct spwd *shadow; ++ const char *user_to_auth; ++ const char *cookie; ++ time_t tm; ++ ++ /* clear the entire environment to avoid attacks with ++ libraries honoring environment variables */ ++ if (clearenv () != 0) ++ goto error; ++ ++ /* set a minimal environment */ ++ setenv ("PATH", "/usr/sbin:/usr/bin:/sbin:/bin", 1); ++ ++ /* check that we are setuid root */ ++ if (geteuid () != 0) ++ { ++ fprintf (stderr, "polkit-agent-helper-1: needs to be setuid root\n"); ++ goto error; ++ } ++ ++ openlog ("polkit-agent-helper-1", LOG_CONS | LOG_PID, LOG_AUTHPRIV); ++ ++ /* check for correct invocation */ ++ if (argc != 3) ++ { ++ syslog (LOG_NOTICE, "inappropriate use of helper, wrong number of arguments [uid=%d]", getuid ()); ++ fprintf (stderr, "polkit-agent-helper-1: wrong number of arguments. This incident has been logged.\n"); ++ goto error; ++ } ++ ++ if (getuid () != 0) ++ { ++ /* check we're running with a non-tty stdin */ ++ if (isatty (STDIN_FILENO) != 0) ++ { ++ syslog (LOG_NOTICE, "inappropriate use of helper, stdin is a tty [uid=%d]", getuid ()); ++ fprintf (stderr, "polkit-agent-helper-1: inappropriate use of helper, stdin is a tty. This incident has been logged.\n"); ++ goto error; ++ } ++ } ++ ++ user_to_auth = argv[1]; ++ cookie = argv[2]; ++ ++#ifdef PAH_DEBUG ++ fprintf (stderr, "polkit-agent-helper-1: user to auth is '%s'.\n", user_to_auth); ++#endif /* PAH_DEBUG */ ++ ++ /* Ask shadow about the user requesting authentication */ ++ if ((shadow = getspnam (user_to_auth)) == NULL) ++ { ++ syslog (LOG_NOTICE, "shadow file data information request for user %s [uid=%d] failed", user_to_auth, getuid()); ++ fprintf(stderr, "polkit-agent-helper-1: could not get shadow information for%.100s", user_to_auth); ++ goto error; ++ } ++ ++ /* Check the user's identity */ ++ if(!shadow_authenticate (shadow)) ++ { ++ syslog (LOG_NOTICE, "authentication failure [uid=%d] trying to authenticate '%s'", getuid (), user_to_auth); ++ fprintf (stderr, "polkit-agent-helper-1: authentication failure. This incident has been logged.\n"); ++ goto error; ++ } ++ ++ /* Check whether the user's password has expired */ ++ time(&tm); ++ if( shadow->sp_max >= 0 && (shadow->sp_lstchg + shadow->sp_max) * 60 * 60 * 24 <= tm) ++ { ++ syslog (LOG_NOTICE, "password expired for user '%s' [uid=%d] trying to authenticate", user_to_auth, getuid () ); ++ fprintf (stderr, "polkit-agent-helper-1: authorization failure. This incident has been logged.\n"); ++ goto error; ++ } ++ ++ /* Check whether the user's password has aged (and account expired along ++ * with it) ++ */ ++ if( shadow->sp_inact >= 0 && (shadow->sp_lstchg + shadow->sp_max + shadow->sp_inact) * 60 * 60 * 24 <= tm) ++ { ++ syslog (LOG_NOTICE, "password aged for user '%s' [uid=%d] trying to authenticate", user_to_auth, getuid () ); ++ fprintf (stderr, "polkit-agent-helper-1: authorization failure. This incident has been logged.\n"); ++ goto error; ++ } ++ ++ /* Check whether the user's account has expired */ ++ if(shadow->sp_expire >= 0 && shadow->sp_expire * 60 * 60 * 24 <= tm) ++ { ++ syslog (LOG_NOTICE, "account expired for user '%s' [uid=%d] trying to authenticate", user_to_auth, getuid () ); ++ fprintf (stderr, "polkit-agent-helper-1: authorization failure. This incident has been logged.\n"); ++ goto error; ++ } ++ ++#ifdef PAH_DEBUG ++ fprintf (stderr, "polkit-agent-helper-1: sending D-Bus message to PolicyKit daemon\n"); ++#endif /* PAH_DEBUG */ ++ ++ /* now send a D-Bus message to the PolicyKit daemon that ++ * includes a) the cookie; and b) the user we authenticated ++ */ ++ if (!send_dbus_message (cookie, user_to_auth)) ++ { ++#ifdef PAH_DEBUG ++ fprintf (stderr, "polkit-agent-helper-1: error sending D-Bus message to PolicyKit daemon\n"); ++#endif /* PAH_DEBUG */ ++ goto error; ++ } ++ ++#ifdef PAH_DEBUG ++ fprintf (stderr, "polkit-agent-helper-1: successfully sent D-Bus message to PolicyKit daemon\n"); ++#endif /* PAH_DEBUG */ ++ ++ fprintf (stdout, "SUCCESS\n"); ++ flush_and_wait(); ++ return 0; ++ ++error: ++ fprintf (stdout, "FAILURE\n"); ++ flush_and_wait(); ++ return 1; ++} ++ ++static int ++shadow_authenticate(struct spwd *shadow) ++{ ++ /* Speak PAM to the daemon, thanks to David Zeuthen for the idea. */ ++ char passwd[512]; ++ fprintf(stdout, "PAM_PROMPT_ECHO_OFF password:\n"); ++ fflush(stdout); ++ usleep (10 * 1000); /* since fflush(3) seems buggy */ ++ ++ if (fgets (passwd, sizeof (passwd), stdin) == NULL) ++ goto error; ++ ++ if (strlen (passwd) > 0 && passwd[strlen (passwd) - 1] == '\n') ++ passwd[strlen (passwd) - 1] = '\0'; ++ ++ if (strcmp (shadow->sp_pwdp, crypt (passwd, shadow->sp_pwdp)) != 0) ++ goto error; ++ return 1; ++error: ++ return 0; ++} ++ +diff --git a/src/polkitagent/polkitagenthelper.c b/src/polkitagent/polkitagenthelper.c +deleted file mode 100644 +index cca86db..0000000 +--- a/src/polkitagent/polkitagenthelper.c ++++ /dev/null +@@ -1,339 +0,0 @@ +-/* +- * Copyright (C) 2008 Red Hat, Inc. +- * +- * This library is free software; you can redistribute it and/or +- * modify it under the terms of the GNU Lesser General Public +- * License as published by the Free Software Foundation; either +- * version 2 of the License, or (at your option) any later version. +- * +- * This library is distributed in the hope that it will be useful, +- * but WITHOUT ANY WARRANTY; without even the implied warranty of +- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +- * Lesser General Public License for more details. +- * +- * You should have received a copy of the GNU Lesser General +- * Public License along with this library; if not, write to the +- * Free Software Foundation, Inc., 59 Temple Place, Suite 330, +- * Boston, MA 02111-1307, USA. +- * +- * Author: David Zeuthen +- */ +- +-#include "config.h" +-#include +-#include +-#include +-#include +-#include +-#include +-#include +-#include +- +-#include +- +-#ifdef HAVE_SOLARIS +-# define LOG_AUTHPRIV (10<<3) +-#endif +- +-#ifndef HAVE_CLEARENV +-extern char **environ; +- +-static int +-clearenv (void) +-{ +- if (environ != NULL) +- environ[0] = NULL; +- return 0; +-} +-#endif +- +-/* Development aid: define PAH_DEBUG to get debugging output. Do _NOT_ +- * enable this in production builds; it may leak passwords and other +- * sensitive information. +- */ +-#undef PAH_DEBUG +-// #define PAH_DEBUG +- +-static gboolean send_dbus_message (const char *cookie, const char *user); +- +-static int conversation_function (int n, const struct pam_message **msg, struct pam_response **resp, void *data); +- +-int +-main (int argc, char *argv[]) +-{ +- int rc; +- const char *user_to_auth; +- const char *cookie; +- struct pam_conv pam_conversation; +- pam_handle_t *pam_h; +- const void *authed_user; +- +- rc = 0; +- pam_h = NULL; +- +- /* clear the entire environment to avoid attacks using with libraries honoring environment variables */ +- if (clearenv () != 0) +- goto error; +- +- /* set a minimal environment */ +- setenv ("PATH", "/usr/sbin:/usr/bin:/sbin:/bin", 1); +- +- /* check that we are setuid root */ +- if (geteuid () != 0) +- { +- fprintf (stderr, "polkit-agent-helper-1: needs to be setuid root\n"); +- goto error; +- } +- +- openlog ("polkit-agent-helper-1", LOG_CONS | LOG_PID, LOG_AUTHPRIV); +- +- /* check for correct invocation */ +- if (argc != 3) +- { +- syslog (LOG_NOTICE, "inappropriate use of helper, wrong number of arguments [uid=%d]", getuid ()); +- fprintf (stderr, "polkit-agent-helper-1: wrong number of arguments. This incident has been logged.\n"); +- goto error; +- } +- +- user_to_auth = argv[1]; +- cookie = argv[2]; +- +- if (getuid () != 0) +- { +- /* check we're running with a non-tty stdin */ +- if (isatty (STDIN_FILENO) != 0) +- { +- syslog (LOG_NOTICE, "inappropriate use of helper, stdin is a tty [uid=%d]", getuid ()); +- fprintf (stderr, "polkit-agent-helper-1: inappropriate use of helper, stdin is a tty. This incident has been logged.\n"); +- goto error; +- } +- } +- +-#ifdef PAH_DEBUG +- fprintf (stderr, "polkit-agent-helper-1: user to auth is '%s'.\n", user_to_auth); +-#endif /* PAH_DEBUG */ +- +- pam_conversation.conv = conversation_function; +- pam_conversation.appdata_ptr = NULL; +- +- /* start the pam stack */ +- rc = pam_start ("polkit-1", +- user_to_auth, +- &pam_conversation, +- &pam_h); +- if (rc != PAM_SUCCESS) +- { +- fprintf (stderr, "polkit-agent-helper-1: pam_start failed: %s\n", pam_strerror (pam_h, rc)); +- goto error; +- } +- +- /* set the requesting user */ +- rc = pam_set_item (pam_h, PAM_RUSER, user_to_auth); +- if (rc != PAM_SUCCESS) +- { +- fprintf (stderr, "polkit-agent-helper-1: pam_set_item failed: %s\n", pam_strerror (pam_h, rc)); +- goto error; +- } +- +- /* is user really user? */ +- rc = pam_authenticate (pam_h, 0); +- if (rc != PAM_SUCCESS) +- { +- fprintf (stderr, "polkit-agent-helper-1: pam_authenticated failed: %s\n", pam_strerror (pam_h, rc)); +- goto error; +- } +- +- /* permitted access? */ +- rc = pam_acct_mgmt (pam_h, 0); +- if (rc != PAM_SUCCESS) +- { +- fprintf (stderr, "polkit-agent-helper-1: pam_acct_mgmt failed: %s\n", pam_strerror (pam_h, rc)); +- goto error; +- } +- +- /* did we auth the right user? */ +- rc = pam_get_item (pam_h, PAM_USER, &authed_user); +- if (rc != PAM_SUCCESS) +- { +- fprintf (stderr, "polkit-agent-helper-1: pam_get_item failed: %s\n", pam_strerror (pam_h, rc)); +- goto error; +- } +- +- if (strcmp (authed_user, user_to_auth) != 0) +- { +- fprintf (stderr, "polkit-agent-helper-1: Tried to auth user '%s' but we got auth for user '%s' instead", +- user_to_auth, (const char *) authed_user); +- goto error; +- } +- +-#ifdef PAH_DEBUG +- fprintf (stderr, "polkit-agent-helper-1: successfully authenticated user '%s'.\n", user_to_auth); +-#endif /* PAH_DEBUG */ +- +- pam_end (pam_h, rc); +- pam_h = NULL; +- +-#ifdef PAH_DEBUG +- fprintf (stderr, "polkit-agent-helper-1: sending D-Bus message to PolicyKit daemon\n"); +-#endif /* PAH_DEBUG */ +- +- /* now send a D-Bus message to the PolicyKit daemon that +- * includes a) the cookie; and b) the user we authenticated +- */ +- if (!send_dbus_message (cookie, user_to_auth)) +- { +-#ifdef PAH_DEBUG +- fprintf (stderr, "polkit-agent-helper-1: error sending D-Bus message to PolicyKit daemon\n"); +-#endif /* PAH_DEBUG */ +- goto error; +- } +- +-#ifdef PAH_DEBUG +- fprintf (stderr, "polkit-agent-helper-1: successfully sent D-Bus message to PolicyKit daemon\n"); +-#endif /* PAH_DEBUG */ +- +- fprintf (stdout, "SUCCESS\n"); +- fflush (stdout); +- fflush (stderr); +- usleep (10 * 1000); /* since fflush(3) seems buggy */ +- return 0; +- +-error: +- if (pam_h != NULL) +- pam_end (pam_h, rc); +- +- fprintf (stdout, "FAILURE\n"); +- fflush (stdout); +- fflush (stderr); +- usleep (10 * 1000); /* since fflush(3) seems buggy */ +- return 1; +-} +- +-static int +-conversation_function (int n, const struct pam_message **msg, struct pam_response **resp, void *data) +-{ +- struct pam_response *aresp; +- char buf[PAM_MAX_RESP_SIZE]; +- int i; +- +- data = data; +- if (n <= 0 || n > PAM_MAX_NUM_MSG) +- return PAM_CONV_ERR; +- +- if ((aresp = calloc(n, sizeof *aresp)) == NULL) +- return PAM_BUF_ERR; +- +- for (i = 0; i < n; ++i) +- { +- aresp[i].resp_retcode = 0; +- aresp[i].resp = NULL; +- switch (msg[i]->msg_style) +- { +- +- case PAM_PROMPT_ECHO_OFF: +- fprintf (stdout, "PAM_PROMPT_ECHO_OFF "); +- goto conv1; +- +- case PAM_PROMPT_ECHO_ON: +- fprintf (stdout, "PAM_PROMPT_ECHO_ON "); +- conv1: +- fputs (msg[i]->msg, stdout); +- if (strlen (msg[i]->msg) > 0 && msg[i]->msg[strlen (msg[i]->msg) - 1] != '\n') +- fputc ('\n', stdout); +- fflush (stdout); +- +- if (fgets (buf, sizeof buf, stdin) == NULL) +- goto error; +- +- if (strlen (buf) > 0 && +- buf[strlen (buf) - 1] == '\n') +- buf[strlen (buf) - 1] = '\0'; +- +- aresp[i].resp = strdup (buf); +- if (aresp[i].resp == NULL) +- goto error; +- break; +- +- case PAM_ERROR_MSG: +- fprintf (stdout, "PAM_ERROR_MSG "); +- goto conv2; +- +- case PAM_TEXT_INFO: +- fprintf (stdout, "PAM_TEXT_INFO "); +- conv2: +- fputs (msg[i]->msg, stdout); +- if (strlen (msg[i]->msg) > 0 && +- msg[i]->msg[strlen (msg[i]->msg) - 1] != '\n') +- fputc ('\n', stdout); +- fflush (stdout); +- break; +- +- default: +- goto error; +- } +- } +- +- *resp = aresp; +- return PAM_SUCCESS; +- +-error: +- +- for (i = 0; i < n; ++i) +- { +- if (aresp[i].resp != NULL) { +- memset (aresp[i].resp, 0, strlen(aresp[i].resp)); +- free (aresp[i].resp); +- } +- } +- memset (aresp, 0, n * sizeof *aresp); +- *resp = NULL; +- return PAM_CONV_ERR; +-} +- +-static gboolean +-send_dbus_message (const char *cookie, const char *user) +-{ +- PolkitAuthority *authority; +- PolkitIdentity *identity; +- GError *error; +- gboolean ret; +- +- ret = FALSE; +- +- error = NULL; +- +- g_type_init (); +- +- authority = polkit_authority_get (); +- +- identity = polkit_unix_user_new_for_name (user, &error); +- if (identity == NULL) +- { +- g_printerr ("Error constructing identity: %s\n", error->message); +- g_error_free (error); +- goto out; +- } +- +- if (!polkit_authority_authentication_agent_response_sync (authority, +- cookie, +- identity, +- NULL, +- &error)) +- { +- g_printerr ("polkit-agent-helper-1: error response to PolicyKit daemon: %s\n", error->message); +- g_error_free (error); +- goto out; +- } +- +- ret = TRUE; +- +- out: +- +- if (identity != NULL) +- g_object_unref (identity); +- +- if (authority != NULL) +- g_object_unref (authority); +- +- return ret; +-} +diff --git a/src/polkitagent/polkitagenthelperprivate.c b/src/polkitagent/polkitagenthelperprivate.c +new file mode 100644 +index 0000000..abf5524 +--- /dev/null ++++ b/src/polkitagent/polkitagenthelperprivate.c +@@ -0,0 +1,97 @@ ++/* ++ * Copyright (C) 2009-2010 Red Hat, Inc. ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General ++ * Public License along with this library; if not, write to the ++ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, ++ * Boston, MA 02110-1301, USA. ++ * ++ * Authors: David Zeuthen , ++ * Andrew Psaltis ++ */ ++ ++#include "polkitagenthelperprivate.h" ++#include ++ ++#ifndef HAVE_CLEARENV ++extern char **environ; ++ ++static int ++clearenv (void) ++{ ++ if (environ != NULL) ++ environ[0] = NULL; ++ return 0; ++} ++#endif ++ ++ ++gboolean ++send_dbus_message (const char *cookie, const char *user) ++{ ++ PolkitAuthority *authority; ++ PolkitIdentity *identity; ++ GError *error; ++ gboolean ret; ++ ++ ret = FALSE; ++ ++ error = NULL; ++ ++ g_type_init (); ++ ++ authority = polkit_authority_get (); ++ ++ identity = polkit_unix_user_new_for_name (user, &error); ++ if (identity == NULL) ++ { ++ g_printerr ("Error constructing identity: %s\n", error->message); ++ g_error_free (error); ++ goto out; ++ } ++ ++ if (!polkit_authority_authentication_agent_response_sync (authority, ++ cookie, ++ identity, ++ NULL, ++ &error)) ++ { ++ g_printerr ("polkit-agent-helper-1: error response to PolicyKit daemon: %s\n", error->message); ++ g_error_free (error); ++ goto out; ++ } ++ ++ ret = TRUE; ++ ++ out: ++ ++ if (identity != NULL) ++ g_object_unref (identity); ++ ++ if (authority != NULL) ++ g_object_unref (authority); ++ ++ return ret; ++} ++ ++/* fflush(3) stdin and stdout and wait a little bit. ++ * This replaces the three-line commands at the bottom of ++ * polkit-agent-helper-1's main() function. ++ */ ++void ++flush_and_wait () ++{ ++ fflush (stdout); ++ fflush (stderr); ++ usleep (10 * 1000); /* since fflush(3) seems buggy */ ++} +diff --git a/src/polkitagent/polkitagenthelperprivate.h b/src/polkitagent/polkitagenthelperprivate.h +new file mode 100644 +index 0000000..16f7ba4 +--- /dev/null ++++ b/src/polkitagent/polkitagenthelperprivate.h +@@ -0,0 +1,42 @@ ++/* ++ * Copyright (C) 2009-2010 Red Hat, Inc. ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General ++ * Public License along with this library; if not, write to the ++ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, ++ * Boston, MA 02110-1301, USA. ++ * ++ * Authors: David Zeuthen , ++ * Andrew Psaltis ++ */ ++#ifndef __POLKIT_AGENT_HELPER_PRIVATE_H ++#define __POLKIT_AGENT_HELPER_PRIVATE_H ++ ++#include ++ ++/* Development aid: define PAH_DEBUG to get debugging output. Do _NOT_ ++ * enable this in production builds; it may leak passwords and other ++ * sensitive information. ++ */ ++#undef PAH_DEBUG ++// #define PAH_DEBUG ++ ++#ifdef HAVE_SOLARIS ++# define LOG_AUTHPRIV (10<<3) ++#endif ++ ++gboolean send_dbus_message (const char *cookie, const char *user); ++ ++void flush_and_wait (); ++ ++#endif /* __POLKIT_AGENT_HELPER_PRIVATE_H */ +diff --git a/src/programs/pkexec.c b/src/programs/pkexec.c +index 17c191e..3e096bf 100644 +--- a/src/programs/pkexec.c ++++ b/src/programs/pkexec.c +@@ -34,7 +34,11 @@ + #include + #include + #include ++ ++#ifdef POLKIT_AUTHFW_PAM + #include ++#endif /* POLKIT_AUTHFW_PAM */ ++ + #include + #include + +@@ -115,6 +119,7 @@ log_message (gint level, + + /* ---------------------------------------------------------------------------------------------------- */ + ++#ifdef POLKIT_AUTHFW_PAM + static int + pam_conversation_function (int n, + const struct pam_message **msg, +@@ -167,6 +172,7 @@ out: + pam_end (pam_h, rc); + return ret; + } ++#endif /* POLKIT_AUTHFW_PAM */ + + /* ---------------------------------------------------------------------------------------------------- */ + +@@ -741,11 +747,13 @@ main (int argc, char *argv[]) + * TODO: The question here is whether we should clear the limits before applying them? + * As evident above, neither su(1) (and, for that matter, nor sudo(8)) does this. + */ ++#ifdef POLKIT_AUTHW_PAM + if (!open_session (pw->pw_name)) + { + goto out; + } +- ++#endif /* POLKIT_AUTHFW_PAM */ ++ + /* become the user */ + if (setgroups (0, NULL) != 0) + { diff --git a/patches/source/polkit/polkit.SlackBuild b/patches/source/polkit/polkit.SlackBuild new file mode 100755 index 00000000..3a4f6ca8 --- /dev/null +++ b/patches/source/polkit/polkit.SlackBuild @@ -0,0 +1,149 @@ +#!/bin/sh + +# Copyright 2009 Robby Workman, Northport, Alabama, USA +# Copyright 2010 Eric Hameleers, Eindhoven, NL +# Copyright 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. + +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=polkit +VERSION=${VERSION:-1_14bdfd8} +BUILD=${BUILD:-2_slack13.1} +NUMJOBS=${NUMJOBS:--j6} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.bz2 || exit 1 +cd $PKGNAM-$VERSION || exit 1 + +# Apply the patch that makes --with-authfw=shadow work +cat $CWD/polkit-1-shadow.diff | patch -p1 --verbose || exit 1 + +cat $CWD/CVE-2011-1485/0001-PolkitUnixProcess-Clarify-that-the-real-uid-is-retur.patch | patch -p1 || exit 1 +cat $CWD/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch | patch -p1 || exit 1 +cat $CWD/CVE-2011-1485/0003-Use-polkit_unix_process_get_uid-to-get-the-owner-of-.patch | patch -p1 || exit 1 +cat $CWD/CVE-2011-1485/0004-pkexec-Avoid-TOCTTOU-problems-with-parent-process.patch | patch -p1 || exit 1 + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Configure: +# Using polkit-user=hald for now for easier transition; I don't think the +# separate user account is actually required any more, but I could be wrong +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./autogen.sh \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --enable-gtk-doc \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --enable-man-pages \ + --mandir=/usr/man \ + --disable-static \ + --disable-introspection \ + --with-authfw=shadow \ + --enable-verbose-mode \ + --build=$ARCH-slackware-linux + # Deprecated: + #--with-polkit-user=hald \ + +#NOTE: The directory /etc/polkit-1/localauthority must be owned +# by root and have mode 700 +#NOTE: The directory /var/lib/polkit-1 must be owned +# by root and have mode 700 +#NOTE: The file ${exec_prefix}/libexec/polkit-agent-helper-1 must be owned +# by root and have mode 4755 (setuid root binary) +#NOTE: The file ${exec_prefix}/bin/pkexec must be owned by root and +# have mode 4755 (setuid root binary) + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) +fi + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + AUTHORS COPYING ChangeLog HACKING INSTALL NEWS README \ + $PKG/usr/doc/$PKGNAM-$VERSION +( cd $PKG/usr/doc/$PKGNAM-$VERSION; ln -s ../../share/gtk-doc/html/polkit-1 html +) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/polkit/slack-desc b/patches/source/polkit/slack-desc new file mode 100644 index 00000000..006d8a8e --- /dev/null +++ b/patches/source/polkit/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler-----------------------------------------------------| +polkit: polkit (authentication framework) +polkit: +polkit: PolicyKit is an application-level toolkit for defining and handling +polkit: the policy that allows unprivileged processes to speak to privileged +polkit: processes. PolicyKit is specifically targeting applications in rich +polkit: desktop environments on multi-user UNIX-like operating systems. +polkit: +polkit: +polkit: +polkit: Home: http://www.freedesktop.org/wiki/Software/PolicyKit +polkit: diff --git a/patches/source/poppler/poppler-0.12.4-CVE-2010-3702.patch b/patches/source/poppler/poppler-0.12.4-CVE-2010-3702.patch new file mode 100644 index 00000000..9875b5a5 --- /dev/null +++ b/patches/source/poppler/poppler-0.12.4-CVE-2010-3702.patch @@ -0,0 +1,18 @@ +--- poppler-0.12.4/poppler/Gfx.cc 2010-01-23 00:54:42.000000000 +0100 ++++ poppler-0.12.4/poppler/Gfx.cc 2010-10-06 13:35:27.000000000 +0200 +@@ -518,6 +518,7 @@ Gfx::Gfx(XRef *xrefA, OutputDev *outA, i + drawText = gFalse; + maskHaveCSPattern = gFalse; + mcStack = NULL; ++ parser = NULL; + + // start the resource stack + res = new GfxResources(xref, resDict, NULL); +@@ -570,6 +571,7 @@ Gfx::Gfx(XRef *xrefA, OutputDev *outA, D + drawText = gFalse; + maskHaveCSPattern = gFalse; + mcStack = NULL; ++ parser = NULL; + + // start the resource stack + res = new GfxResources(xref, resDict, NULL); diff --git a/patches/source/poppler/poppler-0.12.4-CVE-2010-3703.patch b/patches/source/poppler/poppler-0.12.4-CVE-2010-3703.patch new file mode 100644 index 00000000..565a45ba --- /dev/null +++ b/patches/source/poppler/poppler-0.12.4-CVE-2010-3703.patch @@ -0,0 +1,10 @@ +--- poppler-0.12.4/poppler/Function.cc 2010-01-17 01:06:57.000000000 +0100 ++++ poppler-0.12.4/poppler/Function.cc 2010-10-06 13:40:22.000000000 +0200 +@@ -1106,6 +1106,7 @@ PostScriptFunction::PostScriptFunction(O + code = NULL; + codeString = NULL; + codeSize = 0; ++ stack = NULL; + ok = gFalse; + cache = new PopplerCache(5); + diff --git a/patches/source/poppler/poppler-0.12.4-CVE-2010-3704.patch b/patches/source/poppler/poppler-0.12.4-CVE-2010-3704.patch new file mode 100644 index 00000000..bfd5f41b --- /dev/null +++ b/patches/source/poppler/poppler-0.12.4-CVE-2010-3704.patch @@ -0,0 +1,20 @@ +--- poppler-0.12.4/fofi/FoFiType1.cc 2010-01-17 01:06:57.000000000 +0100 ++++ poppler-0.12.4/fofi/FoFiType1.cc 2010-10-06 13:37:39.000000000 +0200 +@@ -13,7 +13,7 @@ + // All changes made under the Poppler project to this file are licensed + // under GPL version 2 or later + // +-// Copyright (C) 2005, 2008 Albert Astals Cid ++// Copyright (C) 2005, 2008, 2010 Albert Astals Cid + // Copyright (C) 2005 Kristian Høgsberg + // + // To see a description of the changes please see the Changelog file that +@@ -241,7 +242,7 @@ void FoFiType1::parse() { + code = code * 8 + (*p2 - '0'); + } + } +- if (code < 256) { ++ if (code < 256 && code >= 0) { + for (p = p2; *p == ' ' || *p == '\t'; ++p) ; + if (*p == '/') { + ++p; diff --git a/patches/source/poppler/poppler.SlackBuild b/patches/source/poppler/poppler.SlackBuild new file mode 100755 index 00000000..fa07827d --- /dev/null +++ b/patches/source/poppler/poppler.SlackBuild @@ -0,0 +1,127 @@ +#!/bin/sh + +# Copyright 2006, 2007, 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=poppler +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP || exit 1 +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.?z* || exit 1 +cd ${PKGNAM}-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/poppler-0.12.4-CVE-2010-3702.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/poppler-0.12.4-CVE-2010-3703.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/poppler-0.12.4-CVE-2010-3704.patch.gz | patch -p1 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --enable-xpdf-headers \ + --enable-poppler-qt4 \ + --enable-cairo-output \ + --mandir=/usr/man \ + --disable-static \ + --enable-zlib \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a AUTHORS COPYING* INSTALL NEWS README README-XPDF TODO \ + $PKG/usr/doc/${PKGNAM}-$VERSION +( cd $PKG/usr/doc/${PKGNAM}-$VERSION + ln -s /usr/share/gtk-doc/html/poppler html ) + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/poppler/slack-desc b/patches/source/poppler/slack-desc new file mode 100644 index 00000000..9d5891d8 --- /dev/null +++ b/patches/source/poppler/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +poppler: poppler (a library for rendering PDF documents) +poppler: +poppler: Poppler is a library based on the xpdf PDF viewer developed by Derek +poppler: Noonburg of Glyph and Cog, LLC. Since xpdf does not provide a shared +poppler: library, whenever a flaw was found potentially dozens of applications +poppler: incorporating code from xpdf would have to be patched. By providing +poppler: a centralized PDF library this duplicated effort will be eliminated. +poppler: +poppler: +poppler: +poppler: diff --git a/patches/source/ppp/doinst.sh b/patches/source/ppp/doinst.sh new file mode 100644 index 00000000..54facc41 --- /dev/null +++ b/patches/source/ppp/doinst.sh @@ -0,0 +1,21 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/ppp/chap-secrets.new +config etc/ppp/options.new +config etc/ppp/pap-secrets.new + +config etc/radiusclient/issue.new +config etc/radiusclient/radiusclient.conf.new +config etc/radiusclient/realms.new +config etc/radiusclient/servers.new + diff --git a/patches/source/ppp/options.new b/patches/source/ppp/options.new new file mode 100644 index 00000000..2a028657 --- /dev/null +++ b/patches/source/ppp/options.new @@ -0,0 +1,276 @@ +# /etc/ppp/options +# +# $Id: options,v 1.4 1996/05/01 18:57:04 alvar Exp $ +# +# Originally created by Jim Knoble +# Modified for Debian by alvar Bray +# Modified for PPP Server setup by Christoph Lameter +# Modified for Slackware by Pat Volkerding +# +# Use the command egrep -v '#|^ *$' /etc/ppp/options to quickly see what +# options are active in this file. + +# Specify which DNS Servers the incoming Win95 or WinNT Connection should use +# Two Servers can be remotely configured +# dns-addr 192.168.1.1 +# dns-addr 192.168.1.2 + +# Specify which WINS Servers the incoming connection Win95 or WinNT should use +# wins-addr 192.168.1.50 +# wins-addr 192.168.1.51 + +# Run the executable or shell command specified after pppd has +# terminated the link. This script could, for example, issue commands +# to the modem to cause it to hang up if hardware modem control signals +# were not available. +#disconnect "chat -- \d+++\d\c OK ath0 OK" + +# async character map -- 32-bit hex; each bit is a character +# that needs to be escaped for pppd to receive it. 0x00000001 +# represents '\x01', and 0x80000000 represents '\x1f'. +asyncmap 0 + +# Require the peer to authenticate itself before allowing network +# packets to be sent or received. +# For a PPP Server with script based logins not using PAP or CHAP +# you need to disable this setting. +#auth + +# Do not require the other end of the connection to authenticate itself. +# This option is dangerous if pppd is setuid. +# If you also have ethernet and are having problems getting PPP to connect +# over a modem, try this option. +#noauth + +# Use hardware flow control (i.e. RTS/CTS) to control the flow of data +# on the serial port. +crtscts + +# Use software flow control (i.e. XON/XOFF) to control the flow of data +# on the serial port. +#xonxoff + +# Specifies that certain characters should be escaped on transmission +# (regardless of whether the peer requests them to be escaped with its +# async control character map). The characters to be escaped are +# specified as a list of hex numbers separated by commas. Note that +# almost any character can be specified for the escape option, unlike +# the asyncmap option which only allows control characters to be +# specified. The characters which may not be escaped are those with hex +# values 0x20 - 0x3f or 0x5e. +#escape 11,13,ff + +# Don't use the modem control lines. +#local + +# Specifies that pppd should use a UUCP-style lock on the serial device +# to ensure exclusive access to the device. +lock + +# Use the modem control lines. On Ultrix, this option implies hardware +# flow control, as for the crtscts option. (This option is not fully +# implemented.) +modem + +# Set the MRU [Maximum Receive Unit] value to for negotiation. pppd +# will ask the peer to send packets of no more than bytes. The +# minimum MRU value is 128. The default MRU value is 1500. A value of +# 296 is recommended for slow links (40 bytes for TCP/IP header + 256 +# bytes of data). +#mru 542 + +# Set the interface netmask to , a 32 bit netmask in "decimal dot" +# notation (e.g. 255.255.255.0). +#netmask 255.255.255.0 + +# Disables the default behaviour when no local IP address is specified, +# which is to determine (if possible) the local IP address from the +# hostname. With this option, the peer will have to supply the local IP +# address during IPCP negotiation (unless it specified explicitly on the +# command line or in an options file). +#noipdefault + +# Enables the "passive" option in the LCP. With this option, pppd will +# attempt to initiate a connection; if no reply is received from the +# peer, pppd will then just wait passively for a valid LCP packet from +# the peer (instead of exiting, as it does without this option). +#passive + +# With this option, pppd will not transmit LCP packets to initiate a +# connection until a valid LCP packet is received from the peer (as for +# the "passive" option with old versions of pppd). +#silent + +# Don't request or allow negotiation of any options for LCP and IPCP +# (use default values). +#-all + +# Disable Address/Control compression negotiation (use default, i.e. +# address/control field disabled). +#-ac + +# Disable asyncmap negotiation (use the default asyncmap, i.e. escape +# all control characters). +#-am + +# Don't fork to become a background process (otherwise pppd will do so +# if a serial device is specified). +#-detach + +# Disable IP address negotiation (with this option, the remote IP +# address must be specified with an option on the command line or in an +# options file). +#-ip + +# Disable magic number negotiation. With this option, pppd cannot +# detect a looped-back line. +#-mn + +# Disable MRU [Maximum Receive Unit] negotiation (use default, i.e. +# 1500). +#-mru + +# Disable protocol field compression negotiation (use default, i.e. +# protocol field compression disabled). +#-pc + +# Require the peer to authenticate itself using PAP. +#+pap + +# Don't agree to authenticate using PAP. +#-pap + +# Require the peer to authenticate itself using CHAP [Cryptographic +# Handshake Authentication Protocol] authentication. +#+chap + +# Don't agree to authenticate using CHAP. +#-chap + +# Disable negotiation of Van Jacobson style IP header compression (use +# default, i.e. no compression). +#-vj + +# Increase debugging level (same as -d). If this option is given, pppd +# will log the contents of all control packets sent or received in a +# readable form. The packets are logged through syslog with facility +# daemon and level debug. This information can be directed to a file by +# setting up /etc/syslog.conf appropriately (see syslog.conf(5)). (If +# pppd is compiled with extra debugging enabled, it will log messages +# using facility local2 instead of daemon). +#debug + +# Append the domain name to the local host name for authentication +# purposes. For example, if gethostname() returns the name porsche, +# but the fully qualified domain name is porsche.Quotron.COM, you would +# use the domain option to set the domain name to Quotron.COM. +#domain + +# Enable debugging code in the kernel-level PPP driver. The argument n +# is a number which is the sum of the following values: 1 to enable +# general debug messages, 2 to request that the contents of received +# packets be printed, and 4 to request that the contents of transmitted +# packets be printed. +#kdebug n + +# Set the MTU [Maximum Transmit Unit] value to . Unless the peer +# requests a smaller value via MRU negotiation, pppd will request that +# the kernel networking code send data packets of no more than n bytes +# through the PPP network interface. +#mtu + +# Enforce the use of the hostname as the name of the local system for +# authentication purposes (overrides the name option). +#usehostname + +# Set the assumed name of the remote system for authentication purposes +# to . +#remotename + +# Add an entry to this system's ARP [Address Resolution Protocol] +# table with the IP address of the peer and the Ethernet address of this +# system. +proxyarp + +# Use the system password database for authenticating the peer using +# PAP. Note: mgetty already provides this option. If this is specified +# then dialin from users using a script under Linux to fire up ppp wont work. +# login + +# If this option is given, pppd will send an LCP echo-request frame to +# the peer every n seconds. Under Linux, the echo-request is sent when +# no packets have been received from the peer for n seconds. Normally +# the peer should respond to the echo-request by sending an echo-reply. +# This option can be used with the lcp-echo-failure option to detect +# that the peer is no longer connected. +lcp-echo-interval 30 + +# If this option is given, pppd will presume the peer to be dead if n +# LCP echo-requests are sent without receiving a valid LCP echo-reply. +# If this happens, pppd will terminate the connection. Use of this +# option requires a non-zero value for the lcp-echo-interval parameter. +# This option can be used to enable pppd to terminate after the physical +# connection has been broken (e.g., the modem has hung up) in +# situations where no hardware modem control lines are available. +lcp-echo-failure 4 + +# Set the LCP restart interval (retransmission timeout) to seconds +# (default 3). +#lcp-restart + +# Set the maximum number of LCP terminate-request transmissions to +# (default 3). +#lcp-max-terminate + +# Set the maximum number of LCP configure-request transmissions to +# (default 10). +#lcp-max-configure + +# Set the maximum number of LCP configure-NAKs returned before starting +# to send configure-Rejects instead to (default 10). +#lcp-max-failure + +# Set the IPCP restart interval (retransmission timeout) to +# seconds (default 3). +#ipcp-restart + +# Set the maximum number of IPCP terminate-request transmissions to +# (default 3). +#ipcp-max-terminate + +# Set the maximum number of IPCP configure-request transmissions to +# (default 10). +#ipcp-max-configure + +# Set the maximum number of IPCP configure-NAKs returned before starting +# to send configure-Rejects instead to (default 10). +#ipcp-max-failure + +# Set the PAP restart interval (retransmission timeout) to seconds +# (default 3). +#pap-restart + +# Set the maximum number of PAP authenticate-request transmissions to +# (default 10). +#pap-max-authreq + +# Set the CHAP restart interval (retransmission timeout for +# challenges) to seconds (default 3). +#chap-restart + +# Set the maximum number of CHAP challenge transmissions to +# (default 10). +#chap-max-challenge + +# If this option is given, pppd will rechallenge the peer every +# seconds. +#chap-interval + +# With this option, pppd will accept the peer's idea of our local IP +# address, even if the local IP address was specified in an option. +#ipcp-accept-local + +# With this option, pppd will accept the peer's idea of its (remote) IP +# address, even if the remote IP address was specified in an option. +#ipcp-accept-remote + diff --git a/patches/source/ppp/ppp.CVE-2014-3158.diff b/patches/source/ppp/ppp.CVE-2014-3158.diff new file mode 100644 index 00000000..500ca18e --- /dev/null +++ b/patches/source/ppp/ppp.CVE-2014-3158.diff @@ -0,0 +1,30 @@ +diff --git a/pppd/options.c b/pppd/options.c +index 45fa742..e9042d1 100644 +--- a/pppd/options.c ++++ b/pppd/options.c +@@ -1289,9 +1289,10 @@ getword(f, word, newlinep, filename) + /* + * Store the resulting character for the escape sequence. + */ +- if (len < MAXWORDLEN-1) ++ if (len < MAXWORDLEN) { + word[len] = value; +- ++len; ++ ++len; ++ } + + if (!got) + c = getc(f); +@@ -1329,9 +1330,10 @@ getword(f, word, newlinep, filename) + /* + * An ordinary character: store it in the word and get another. + */ +- if (len < MAXWORDLEN-1) ++ if (len < MAXWORDLEN) { + word[len] = c; +- ++len; ++ ++len; ++ } + + c = getc(f); + } diff --git a/patches/source/ppp/ppp.CVE-2015-3310.diff b/patches/source/ppp/ppp.CVE-2015-3310.diff new file mode 100644 index 00000000..ecf53ce4 --- /dev/null +++ b/patches/source/ppp/ppp.CVE-2015-3310.diff @@ -0,0 +1,11 @@ +--- ./pppd/plugins/radius/util.c.orig 2015-04-17 11:43:59.687374237 -0500 ++++ ./pppd/plugins/radius/util.c 2015-04-17 11:45:12.612379499 -0500 +@@ -77,7 +77,7 @@ + static unsigned short int cnt = 0; + sprintf (buf, "%08lX%04X%02hX", + (unsigned long int) time (NULL), +- (unsigned int) getpid (), ++ (unsigned int) getpid () % 65535, + cnt & 0xFF); + cnt++; + return buf; diff --git a/patches/source/ppp/ppp.SlackBuild b/patches/source/ppp/ppp.SlackBuild new file mode 100755 index 00000000..e4187d0a --- /dev/null +++ b/patches/source/ppp/ppp.SlackBuild @@ -0,0 +1,172 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=2.4.5 +RADVER=0.3.2 +PPPVER=1.98 +BUILD=${BUILD:-2_slack13.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-ppp + +rm -rf $PKG +mkdir -p $TMP $PKG + +echo "+============+" +echo "| ppp-$VERSION |" +echo "+============+" +cd $TMP +rm -rf ppp-$VERSION +tar xvf $CWD/ppp-$VERSION.tar.bz2 || exit 1 +cd ppp-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/ppp.slack.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit +sed -i -e "s#lib/pppd#lib${LIBDIRSUFFIX}/pppd#g" $(grep -lr 'lib/pppd' *) + +zcat $CWD/ppp.CVE-2014-3158.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/ppp.CVE-2015-3310.diff.gz | patch -p1 --verbose || exit 1 + +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG/usr + +mv $PKG/usr/share/man $PKG/usr +rmdir $PKG/usr/share + +# Install PPP config files: +mkdir -p $PKG/etc/ppp +cp -a etc.ppp/* $PKG/etc/ppp +chmod 600 $PKG/etc/ppp/*secrets +( cd $PKG/etc/ppp + mv chap-secrets chap-secrets.new + mv options options.new + mv pap-secrets pap-secrets.new +) +zcat $CWD/options.new.gz > $PKG/etc/ppp/options.new + +# Fix what seems like an insecure default setting. +# Feel free to "chmod 4750 pppoatm.so rp-pppoe.so" at your own risk. +# Since they are only runnable by group root, the risk really isn't much... +chmod 755 $PKG/usr/lib${LIBDIRSUFFIX}/pppd/*/*.so + +mkdir -p $PKG/usr/doc/ppp-$VERSION +cp -a \ + FAQ PLUGINS README* SETUP scripts \ + $PKG/usr/doc/ppp-$VERSION + +echo "+====================+" +echo "| radiusclient-$RADVER |" +echo "+====================+" +cd $TMP +rm -rf radiusclient-$RADVER +tar xf $CWD/radiusclient-$RADVER.tar.bz2 || exit 1 +cd radiusclient-$RADVER || exit 1 +chown -R root:root . +#cp /usr/share/libtool/config.{guess,sub} . # libtool-1.x +cp /usr/share/libtool/config/config.{guess,sub} . # libtool-2.x +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 +zcat $CWD/radius.msdict.gz > $PKG/etc/radiusclient/dictionary.microsoft +zcat $CWD/realms.gz > $PKG/etc/radiusclient/realms +zcat $CWD/servers.gz > $PKG/etc/radiusclient/servers +( cd $PKG/etc/radiusclient + chmod 600 realms servers + mv issue issue.new + mv radiusclient.conf radiusclient.conf.new + mv realms realms.new + mv servers servers.new +) +mkdir -p $PKG/usr/doc/radiusclient-$RADVER +cp -a \ + BUGS CHANGES COPYRIGHT README README.radexample doc/instop.html \ + $PKG/usr/doc/radiusclient-$RADVER +chmod 644 $PKG/usr/doc/radiusclient-$RADVER/* + +echo "+===============+" +echo "| pppsetup-$PPPVER |" +echo "+===============+" +cd $TMP +rm -rf pppsetup-$PPPVER +tar xvf $CWD/pppsetup-$PPPVER.tar.gz || exit 1 +cd pppsetup-$PPPVER || exit 1 +chown -R root:root . +zcat $CWD/pppsetup-1.98.slack.diff.gz | patch -p1 --backup || exit +zcat $CWD/pppsetup-1.98.pppoff.diff.gz | patch -p0 --backup || exit +zcat $CWD/pppsetup-1.98.moredevs.diff.gz | patch -p1 --backup || exit +zcat $CWD/pppsetup-1.98.backupfiles.diff.gz | patch -p1 --backup || exit +chmod 755 ppp-off pppsetup +cp -a ppp-off pppsetup $PKG/usr/sbin +mkdir -p $PKG/usr/doc/pppsetup +cp -a \ + README.pppsetup ppp-compile.txt pppsetup-$PPPVER.README pppsetup-$PPPVER.lsm \ + $PKG/usr/doc/pppsetup + +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . -name "*.a" | xargs file | grep "ar archive" | cut -f 1 -d : | xargs strip -g 2> /dev/null +) + +chmod 755 $PKG/usr/sbin/* + +gzip -9 $PKG/usr/man/man?/*.? +chmod 644 $PKG/usr/man/man?/* + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/ppp-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/ppp/ppp.slack.diff b/patches/source/ppp/ppp.slack.diff new file mode 100644 index 00000000..dafd0d3e --- /dev/null +++ b/patches/source/ppp/ppp.slack.diff @@ -0,0 +1,28 @@ +diff -r -u ppp-2.4.2.orig/pppd/Makefile.linux ppp-2.4.2/pppd/Makefile.linux +--- ppp-2.4.2.orig/pppd/Makefile.linux 2003-11-27 13:55:19.000000000 -0800 ++++ ppp-2.4.2/pppd/Makefile.linux 2004-02-22 21:36:11.000000000 -0800 +@@ -31,7 +31,7 @@ + + # CC = gcc + # +-COPTS = -O2 -pipe -Wall -g ++COPTS = -O2 -pipe -Wall + LIBS = + + # Uncomment the next 2 lines to include support for Microsoft's +@@ -61,13 +61,13 @@ + + HAS_SHADOW=y + #USE_PAM=y +-#HAVE_INET6=y ++HAVE_INET6=y + + # Enable plugins + PLUGIN=y + + # Enable Microsoft proprietary Callback Control Protocol +-#CBCP=y ++CBCP=y + + # Enable EAP SRP-SHA1 authentication (requires libsrp) + #USE_SRP=y diff --git a/patches/source/ppp/pppsetup-1.98.backupfiles.diff b/patches/source/ppp/pppsetup-1.98.backupfiles.diff new file mode 100644 index 00000000..6b364779 --- /dev/null +++ b/patches/source/ppp/pppsetup-1.98.backupfiles.diff @@ -0,0 +1,26 @@ +--- ./pppsetup.orig Sun May 19 19:01:29 2002 ++++ ./pppsetup Sun May 19 19:06:07 2002 +@@ -861,10 +861,12 @@ + echo "multi on" >> /etc/host.conf + fi + +-if [ ! -z $DOMAINNAME ]; then ++if [ ! -z $DOMAINNAME ]; then ++# backup file ++cp -a /etc/resolv.conf /etc/resolv.conf.$$ 2> /dev/null + echo "search $DOMAINNAME" > /etc/resolv.conf + else +-rm -f /etc/resolv.conf 2>/dev/null ++rm -f /etc/resolv.conf 2>/dev/null + DOMAINNAME="unknown.com" + fi + +@@ -875,6 +877,8 @@ + fi + + if [ ! -s /etc/hosts ]; then ++# backup file ++cp -a /etc/hosts /etc/hosts.bak.$$ 2> /dev/null + echo "127.0.0.1 localhost" > /etc/hosts + if [ "$DOMAINNAME" = "unknown.com" ]; then + echo "0.0.0.0 `hostname 2>/dev/null`.localnet `hostname 2>/dev/null`" >> /etc/hosts diff --git a/patches/source/ppp/pppsetup-1.98.moredevs.diff b/patches/source/ppp/pppsetup-1.98.moredevs.diff new file mode 100644 index 00000000..6a11a3b5 --- /dev/null +++ b/patches/source/ppp/pppsetup-1.98.moredevs.diff @@ -0,0 +1,105 @@ +--- ./pppsetup.orig Sun May 19 18:41:04 2002 ++++ ./pppsetup Sun May 19 18:52:49 2002 +@@ -1,15 +1,10 @@ + #!/bin/bash +-############################################################################### +-# + # PPPSETUP -- Script to set up pppd + # History: + # 7/21/95 RSL Script created (v1.0) + # 9/15/96 RSL Added code to get the ISP's domainname (v1.1) + # 9/19/96 RSL Revamped interface to use the 'dialog' + # program. (v1.2) +-############################################################################### +- +-############################################################################### + # 2/22/98 KR Added pap, chap, ms-chap, callback, & + # modem init string options. (v1.98) + # Creates /etc/ppp/options, & pap, chap, +@@ -17,33 +12,21 @@ + # More guidance. + # Monitor connection with tail & syslogd. + # Demand dialing setup with ppp-2.3.0 or later. +-############################################################################### +- +-############################################################################### + # 4/4/98 PJV Fixed massive /tmp-related security problems + # Switched to a default init string that's more + # likely to work + # Increased TIMEOUTs + # fixed bad flags given to chat -- caused dialout + # to fail +-############################################################################### +- +-############################################################################### + # 2/6/1999 PJV Changed all occurances of /dev/cua* to /dev/ttyS* +-############################################################################### +- +-############################################################################### + # 5/3/1999 PJV Commented 'debug' in /etc/ppp/options + # Add commented 'noauth' in /etc/ppp/options so + # people who want to use ppp but already have a + # default route have an easier time figuring out + # what to do. :) +-############################################################################### +- +-############################################################################### + # 6/18/2000 PJV Added code to check for "ppp-stop" and "ppp-on" + # symlinks, and make them if they don't exist. +-############################################################################### ++# 5/19/2002 PJV Added support for more devices. + + TMP=/var/log/setup/tmp + +@@ -137,25 +120,40 @@ + done + + echo "Where is your modem /dev/ttyS?" > $TMP/txtTEMP$$ +-dialog --backtitle "MODEM DEVICE ..." --menu "`cat $TMP/txtTEMP$$`" 11 50 4 \ ++dialog --backtitle "MODEM DEVICE ..." --menu "`cat $TMP/txtTEMP$$`" 17 60 10 \ ++modem "= use whatever /dev/modem is linked to" \ + ttyS0 "= (COM1: under DOS)" \ + ttyS1 "= (COM2: under DOS)" \ + ttyS2 "= (COM3: under DOS)" \ + ttyS3 "= (COM4: under DOS)" \ ++ttyS4 "= PCI modem" \ ++ttyS5 "= PCI modem" \ ++ttyS6 "= PCI modem" \ ++ttyS7 "= PCI modem" \ ++ttyS8 "= PCI modem" \ ++ttyS9 "= PCI modem" \ ++ttyS10 "= PCI modem" \ ++ttyS11 "= PCI modem" \ ++ttyS12 "= PCI modem" \ ++ttyS13 "= PCI modem" \ ++ttyS14 "= PCI modem" \ ++ttyS15 "= PCI modem" \ + 2> $TMP/rspTEMP$$ + + MODEM="`cat $TMP/rspTEMP$$`" + +-if [ -z $MODEM ]; then +-clear 2>/dev/null || echo +-rm -f $TMP/*TEMP* +-echo "PPP configuration cancelled." +-exit +-elif [ ! -c "/dev/$MODEM" ]; then +-/dev/MAKEDEV $MODEM >/dev/null 2>&1 || MODERROR="YES" +-else +-rm -f /dev/modem 2>/dev/null +-ln -sf /dev/$MODEM /dev/modem 2>/dev/null ++if [ ! "$MODEM" = "modem" ]; then ++ if [ -z $MODEM ]; then ++ clear 2>/dev/null || echo ++ rm -f $TMP/*TEMP* ++ echo "PPP configuration cancelled." ++ exit ++ elif [ ! -c "/dev/$MODEM" ]; then ++ /dev/MAKEDEV $MODEM >/dev/null 2>&1 || MODERROR="YES" ++ else ++ rm -f /dev/modem 2>/dev/null ++ ln -sf /dev/$MODEM /dev/modem 2>/dev/null ++ fi + fi + + echo "What baud rate is your modem?" > $TMP/txtTEMP$$ diff --git a/patches/source/ppp/pppsetup-1.98.pppoff.diff b/patches/source/ppp/pppsetup-1.98.pppoff.diff new file mode 100644 index 00000000..66b51ba7 --- /dev/null +++ b/patches/source/ppp/pppsetup-1.98.pppoff.diff @@ -0,0 +1,19 @@ +--- ppp-off.orig Fri Oct 20 17:43:50 2000 ++++ ppp-off Fri Oct 20 17:46:32 2000 +@@ -21,14 +21,8 @@ + # This just checks if demand dialing is running, if so it + # says Demand Dialing Stoped. + +-ps x 2>/dev/null > /tmp/grep.tmp +- +-if grep 2>/dev/null "options.demand" /tmp/grep.tmp >/dev/null +-then +-rm -f /tmp/grep.tmp +-D="echo Demand Dialing Stoped." +-else +-rm -f /tmp/grep.tmp ++if ps x | fgrep "options.demand" 1> /dev/null 2> /dev/null ; then ++ D="echo Demand Dialing Stoped." + fi + + # diff --git a/patches/source/ppp/pppsetup-1.98.slack.diff b/patches/source/ppp/pppsetup-1.98.slack.diff new file mode 100644 index 00000000..f081699c --- /dev/null +++ b/patches/source/ppp/pppsetup-1.98.slack.diff @@ -0,0 +1,1709 @@ +--- ./pppsetup.orig Sun Feb 22 12:33:32 1998 ++++ ./pppsetup Sun Jun 18 14:01:10 2000 +@@ -19,6 +19,34 @@ + # Demand dialing setup with ppp-2.3.0 or later. + ############################################################################### + ++############################################################################### ++# 4/4/98 PJV Fixed massive /tmp-related security problems ++# Switched to a default init string that's more ++# likely to work ++# Increased TIMEOUTs ++# fixed bad flags given to chat -- caused dialout ++# to fail ++############################################################################### ++ ++############################################################################### ++# 2/6/1999 PJV Changed all occurances of /dev/cua* to /dev/ttyS* ++############################################################################### ++ ++############################################################################### ++# 5/3/1999 PJV Commented 'debug' in /etc/ppp/options ++# Add commented 'noauth' in /etc/ppp/options so ++# people who want to use ppp but already have a ++# default route have an easier time figuring out ++# what to do. :) ++############################################################################### ++ ++############################################################################### ++# 6/18/2000 PJV Added code to check for "ppp-stop" and "ppp-on" ++# symlinks, and make them if they don't exist. ++############################################################################### ++ ++TMP=/var/log/setup/tmp ++ + if [ ! "$UID" = "0" ]; then + echo + echo "NOTICE: * $LOGNAME * You need to be 'root' to run this script." +@@ -43,81 +71,84 @@ + exit 1 + fi + +-if [ ! -d /tmp ]; then +-mkdir /tmp +-chmod 1777 /tmp +-fi +- + if [ -s /usr/lib/setup/hdsetup ]; then +-SYS="on SLACKWARE ..." ++SYS="on SLACKWARE." + fi + + VERSION="1.98" + + stty erase ^? 2>/dev/null + +-echo "PPPSETUP $VERSION $SYS" > /tmp/txtTEMP01 +-echo >> /tmp/txtTEMP01 +-echo "Written by Robert S. Liesenfeld " >> /tmp/txtTEMP01 +-echo "Changes for 1.98 by Kent Robotti " >> /tmp/txtTEMP01 +-echo >> /tmp/txtTEMP01 +-echo "You should get these 'DOCS' if you don't already have them." >> /tmp/txtTEMP01 +-echo >> /tmp/txtTEMP01 +-echo 'ftp://sunsite.unc.edu/pub/Linux/docs/HOWTO "PPP-HOWTO"' >> /tmp/txtTEMP01 +-echo 'ftp://sunsite.unc.edu/pub/Linux/docs/faqs/PPP-FAQ "PPP-FAQ"' >> /tmp/txtTEMP01 +-echo >> /tmp/txtTEMP01 +-echo "Press [Enter] to continue with pppsetup..." >> /tmp/txtTEMP01 ++if [ ! -r /usr/sbin/ppp-stop ]; then ++ ( cd /usr/sbin ; ln -sf ppp-off ppp-stop ) ++fi ++if [ ! -r /usr/sbin/ppp-on ]; then ++ ( cd /usr/sbin ; ln -sf ppp-go ppp-on ) ++fi + +-dialog --backtitle "PPPSETUP $VERSION ..." --textbox "/tmp/txtTEMP01" 15 70 ++echo "PPPSETUP $VERSION $SYS" > $TMP/txtTEMP01 ++echo >> $TMP/txtTEMP01 ++echo "Written by Robert S. Liesenfeld " >> $TMP/txtTEMP01 ++echo "Changes for 1.98 by Kent Robotti " >> $TMP/txtTEMP01 ++echo "Patched for Slackware by Patrick Volkerding " >> $TMP/txtTEMP01 ++echo >> $TMP/txtTEMP01 ++echo "You should get these docs if you don't already have them:" >> $TMP/txtTEMP01 ++echo >> $TMP/txtTEMP01 ++echo "ftp://metalab.unc.edu/pub/Linux/docs/howto/PPP-HOWTO" >> $TMP/txtTEMP01 ++echo "ftp://metalab.unc.edu/pub/Linux/docs/faqs/PPP-FAQ" >> $TMP/txtTEMP01 ++echo >> $TMP/txtTEMP01 ++echo "Press [Enter] to continue with pppsetup..." >> $TMP/txtTEMP01 ++ ++dialog --backtitle "PPPSETUP $VERSION/Slackware" --textbox "$TMP/txtTEMP01" 16 73 + + while [ -z "$PHONENUM" ] + do +-echo "To begin setting up your PPP connection, i need to know a few things." > /tmp/txtTEMP$$ +-echo "For starters, what is the phone number of your (I)nternet (S)ervice" >> /tmp/txtTEMP$$ +-echo "(P)rovider?" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Example: atdt6661776 <-For (t)one dialing.)" >> /tmp/txtTEMP$$ +-echo "Example: atdp6661776 <-For (p)ulse dialing.)" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Include the: atd? It's usally just: atdtphonenumber" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "(Note: in the USA, use atdt*70,6661776 [comma required!] to turn" >> /tmp/txtTEMP$$ +-echo " off call waiting.)" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ ++echo "To begin setting up your PPP connection, i need to know a few things." > $TMP/txtTEMP$$ ++echo "For starters, what is the phone number of your (I)nternet (S)ervice" >> $TMP/txtTEMP$$ ++echo "(P)rovider?" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Example: atdt6661776 <-For (t)one dialing.)" >> $TMP/txtTEMP$$ ++echo "Example: atdp6661776 <-For (p)ulse dialing.)" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Include the: atd? It's usally just: atdtphonenumber" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "(Note: in the USA, use atdt*70,6661776 [comma required!] to turn" >> $TMP/txtTEMP$$ ++echo " off call waiting.)" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + +-dialog --title "PHONE NUMBER ..." --inputbox "`cat /tmp/txtTEMP$$`" 18 75 2> /tmp/rspTEMP$$ ++dialog --title "PHONE NUMBER ..." --inputbox "`cat $TMP/txtTEMP$$`" 18 75 2> $TMP/rspTEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-PHONENUM="`cat /tmp/rspTEMP$$`" ++PHONENUM="`cat $TMP/rspTEMP$$`" + + if [ -z "$PHONENUM" ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + echo "No phone number." + exit + fi + done + +-echo "Where is your modem /dev/cua?" > /tmp/txtTEMP$$ +-dialog --backtitle "MODEM DEVICE ..." --menu "`cat /tmp/txtTEMP$$`" 11 50 4 \ +-cua0 "= (COM1: under DOS)" \ +-cua1 "= (COM2: under DOS)" \ +-cua2 "= (COM3: under DOS)" \ +-cua3 "= (COM4: under DOS)" \ +-2> /tmp/rspTEMP$$ ++echo "Where is your modem /dev/ttyS?" > $TMP/txtTEMP$$ ++dialog --backtitle "MODEM DEVICE ..." --menu "`cat $TMP/txtTEMP$$`" 11 50 4 \ ++ttyS0 "= (COM1: under DOS)" \ ++ttyS1 "= (COM2: under DOS)" \ ++ttyS2 "= (COM3: under DOS)" \ ++ttyS3 "= (COM4: under DOS)" \ ++2> $TMP/rspTEMP$$ + +-MODEM="`cat /tmp/rspTEMP$$`" ++MODEM="`cat $TMP/rspTEMP$$`" + + if [ -z $MODEM ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + exit + elif [ ! -c "/dev/$MODEM" ]; then +@@ -127,139 +158,139 @@ + ln -sf /dev/$MODEM /dev/modem 2>/dev/null + fi + +-echo "What baud rate is your modem?" > /tmp/txtTEMP$$ +-dialog --backtitle "MODEM BAUD RATE ..." --menu "`cat /tmp/txtTEMP$$`" 14 72 7 \ ++echo "What baud rate is your modem?" > $TMP/txtTEMP$$ ++dialog --backtitle "MODEM BAUD RATE ..." --menu "`cat $TMP/txtTEMP$$`" 14 72 7 \ + 460800 "460KBps - ISDN modem..." \ + 230400 "230KBps - 56Kbps modem... or ISDN modem..." \ + 115200 "115KBps - 28.8, 33.6, or 56Kbps modem..." \ + 57600 "57.6KBps - 28.8, 33.6, or 56Kbps modem..." \ + 38400 "38.4KBps - Hangin ten on the net! 28.8 or 33.6..." \ + 19200 "19.2KBps - Better known as 14.4..." \ +-9600 "9600bps - No comment..." 2> /tmp/rspTEMP$$ ++9600 "9600bps - No comment..." 2> $TMP/rspTEMP$$ + +-BAUDRATE="`cat /tmp/rspTEMP$$`" ++BAUDRATE="`cat $TMP/rspTEMP$$`" + + if [ -z $BAUDRATE ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + exit + fi + +-echo "Does your service provider use CALLBACK?" > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "CALLBACK is when you call your service provider and give them" >> /tmp/txtTEMP$$ +-echo "your phone number so they can call you back, then when they" >> /tmp/txtTEMP$$ +-echo "call you back you give them your login name and password." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Most service providers don't use CALLBACK, so the answer is" >> /tmp/txtTEMP$$ +-echo "probably No, unless you know otherwise." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +- +-dialog --backtitle "CALLBACK YES or NO? ..." --yesno "`cat /tmp/txtTEMP$$`" 13 70 +- +-if [ $? = 0 ]; then +-echo "Put your phone number in the box below, so your service provider" > /tmp/txtTEMP$$ +-echo "can call you back." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Example: 7771818" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ ++echo "Does your service provider use CALLBACK?" > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "CALLBACK is when you call your service provider and give them" >> $TMP/txtTEMP$$ ++echo "your phone number so they can call you back, then when they" >> $TMP/txtTEMP$$ ++echo "call you back you give them your login name and password." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Most service providers don't use CALLBACK, so the answer is" >> $TMP/txtTEMP$$ ++echo "probably No, unless you know otherwise." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++ ++dialog --backtitle "CALLBACK YES or NO? ..." --menu "`cat $TMP/txtTEMP$$`" 16 70 2 "NO" "Most Internet providers do not use callback" "YES" "Use callback support (I know what I'm doing)" 2> $TMP/replyTEMP$$ ++ ++if [ "`cat $TMP/replyTEMP$$`" = "YES" ]; then ++echo "Put your phone number in the box below, so your service provider" > $TMP/txtTEMP$$ ++echo "can call you back." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Example: 7771818" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + +-dialog --backtitle "CALLBACK Your Phone Number? ..." --inputbox "`cat /tmp/txtTEMP$$`" 11 72 2> /tmp/cb1TEMP$$ ++dialog --backtitle "CALLBACK Your Phone Number? ..." --inputbox "`cat $TMP/txtTEMP$$`" 11 72 2> $TMP/cb1TEMP$$ + + if [ $? = 1 ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + exit +-elif [ ! -s /tmp/cb1TEMP$$ ]; then ++elif [ ! -s $TMP/cb1TEMP$$ ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + echo "No Phone Number for Callback." + exit + fi + fi + +-if [ -s /tmp/cb1TEMP$$ ]; then +-CBPN="`cat /tmp/cb1TEMP$$`" +-echo "I have your phone number: $CBPN" > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Do you have to give a Username or Login for the initial connection" >> /tmp/txtTEMP$$ +-echo "to $PHONENUM before you're called back." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Example: jerry" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "If NO, just press [Enter] on a empty box and skip this." >> /tmp/txtTEMP$$ ++if [ -s $TMP/cb1TEMP$$ ]; then ++CBPN="`cat $TMP/cb1TEMP$$`" ++echo "I have your phone number: $CBPN" > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Do you have to give a Username or Login for the initial connection" >> $TMP/txtTEMP$$ ++echo "to $PHONENUM before you're called back." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Example: jerry" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "If NO, just press [Enter] on a empty box and skip this." >> $TMP/txtTEMP$$ + +-dialog --backtitle "CALLBACK INITIAL LOGIN? ..." --inputbox "`cat /tmp/txtTEMP$$`" 15 74 2> /tmp/cb1.1TEMP$$ ++dialog --backtitle "CALLBACK INITIAL LOGIN? ..." --inputbox "`cat $TMP/txtTEMP$$`" 15 74 2> $TMP/cb1.1TEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + else +-CBMODLOGIN="`cat /tmp/cb1.1TEMP$$`" ++CBMODLOGIN="`cat $TMP/cb1.1TEMP$$`" + fi + fi + +-if [ -s /tmp/cb1TEMP$$ ]; then +-echo "I have your phone number: $CBPN" > /tmp/txtTEMP$$ +-if [ -s /tmp/cb1.1TEMP$$ ]; then +-echo "I see you have to give a Username or Login: $CBMODLOGIN" >> /tmp/txtTEMP$$ +-echo "for the initial connection to: $PHONENUM" >> /tmp/txtTEMP$$ +-fi +-echo >> /tmp/txtTEMP$$ +-echo "Do you have to give a Password for the initial connection" >> /tmp/txtTEMP$$ +-echo "to $PHONENUM before you're called back." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Example: Zoy85mWc" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "If NO, just press [Enter] on a empty box and skip this." >> /tmp/txtTEMP$$ ++if [ -s $TMP/cb1TEMP$$ ]; then ++echo "I have your phone number: $CBPN" > $TMP/txtTEMP$$ ++if [ -s $TMP/cb1.1TEMP$$ ]; then ++echo "I see you have to give a Username or Login: $CBMODLOGIN" >> $TMP/txtTEMP$$ ++echo "for the initial connection to: $PHONENUM" >> $TMP/txtTEMP$$ ++fi ++echo >> $TMP/txtTEMP$$ ++echo "Do you have to give a Password for the initial connection" >> $TMP/txtTEMP$$ ++echo "to $PHONENUM before you're called back." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Example: Zoy85mWc" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "If NO, just press [Enter] on a empty box and skip this." >> $TMP/txtTEMP$$ + +-dialog --backtitle "CALLBACK INITIAL PASSWORD? ..." --inputbox "`cat /tmp/txtTEMP$$`" 17 68 2> /tmp/cb2TEMP$$ ++dialog --backtitle "CALLBACK INITIAL PASSWORD? ..." --inputbox "`cat $TMP/txtTEMP$$`" 17 68 2> $TMP/cb2TEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + else +-CBMODPASS="`cat /tmp/cb2TEMP$$`" ++CBMODPASS="`cat $TMP/cb2TEMP$$`" + fi + fi + + if [ ! -z "$CBPN" ]; then +-echo "Are they using PAP or CHAP for AUTHENTICATION? If so answer YES." > /tmp/txtTEMP$$ +-echo "Do they present you with a Username: or Login: and Password: prompt" >> /tmp/txtTEMP$$ +-echo "when they call you back, if so they're probably not using PAP or" >> /tmp/txtTEMP$$ +-echo "CHAP, so you can answer NO here." >> /tmp/txtTEMP$$ +-echo "If you're not sure, you'll have to ask you're service provider." >> /tmp/txtTEMP$$ ++echo "Are they using PAP or CHAP for AUTHENTICATION? If so answer YES." > $TMP/txtTEMP$$ ++echo "Do they present you with a Username: or Login: and Password: prompt" >> $TMP/txtTEMP$$ ++echo "when they call you back, if so they're probably not using PAP or" >> $TMP/txtTEMP$$ ++echo "CHAP, so you can answer NO here." >> $TMP/txtTEMP$$ ++echo "If you're not sure, you'll have to ask you're service provider." >> $TMP/txtTEMP$$ + +-dialog --backtitle "CALLBACK PAP-CHAP YES or NO? ..." --yesno "`cat /tmp/txtTEMP$$`" 9 72 ++dialog --backtitle "CALLBACK PAP-CHAP YES or NO? ..." --yesno "`cat $TMP/txtTEMP$$`" 9 72 + + if [ $? = 1 ]; then +-echo "What is your Username or Login to your service provider?" > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "This is the information you'll give them when they call" >> /tmp/txtTEMP$$ +-echo "you back at: $CBPN" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Example: jerry" >> /tmp/txtTEMP$$ ++echo "What is your Username or Login to your service provider?" > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "This is the information you'll give them when they call" >> $TMP/txtTEMP$$ ++echo "you back at: $CBPN" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Example: jerry" >> $TMP/txtTEMP$$ + +-dialog --backtitle "CALLBACK LOGIN? ..." --inputbox "`cat /tmp/txtTEMP$$`" 13 72 2> /tmp/cb3TEMP$$ ++dialog --backtitle "CALLBACK LOGIN? ..." --inputbox "`cat $TMP/txtTEMP$$`" 13 72 2> $TMP/cb3TEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-CBLOGIN="`cat /tmp/cb3TEMP$$`" ++CBLOGIN="`cat $TMP/cb3TEMP$$`" + + if [ -z "$CBLOGIN" ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + echo "No Login for Callback." +@@ -269,24 +300,24 @@ + fi + + if [ ! -z "$CBLOGIN" ]; then +-echo "What is the Password for: $CBLOGIN" > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Example: Ziy79Kie" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ ++echo "What is the Password for: $CBLOGIN" > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Example: Ziy79Kie" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + +-dialog --backtitle "CALLBACK PASSWORD? ..." --inputbox "`cat /tmp/txtTEMP$$`" 10 64 2> /tmp/cb4TEMP$$ ++dialog --backtitle "CALLBACK PASSWORD? ..." --inputbox "`cat $TMP/txtTEMP$$`" 10 64 2> $TMP/cb4TEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit 1 + fi + +-CBPASS="`cat /tmp/cb4TEMP$$`" ++CBPASS="`cat $TMP/cb4TEMP$$`" + + if [ -z "$CBPASS" ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + echo "No Password for Callback." +@@ -296,13 +327,13 @@ + + callback1() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -322,13 +353,13 @@ + + callback2() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -344,13 +375,13 @@ + + callback3() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -368,13 +399,13 @@ + + callback4() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -393,13 +424,13 @@ + + callback5() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -417,13 +448,13 @@ + + callback6() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -440,13 +471,13 @@ + + callback7() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -465,20 +496,20 @@ + mkdir -p /etc/ppp + fi + +-if [ -s /tmp/cb1TEMP$$ ]; then +-if [ -s /tmp/cb1.1TEMP$$ ] && [ -s /tmp/cb2TEMP$$ ] && [ -s /tmp/cb3TEMP$$ ] && [ -s /tmp/cb4TEMP$$ ]; then ++if [ -s $TMP/cb1TEMP$$ ]; then ++if [ -s $TMP/cb1.1TEMP$$ ] && [ -s $TMP/cb2TEMP$$ ] && [ -s $TMP/cb3TEMP$$ ] && [ -s $TMP/cb4TEMP$$ ]; then + callback1 > /etc/ppp/callback +-elif [ ! -s /tmp/cb1.1TEMP$$ ] && [ ! -s /tmp/cb2TEMP$$ ] && [ ! -s /tmp/cb3TEMP$$ ] && [ ! -s /tmp/cb4TEMP$$ ]; then ++elif [ ! -s $TMP/cb1.1TEMP$$ ] && [ ! -s $TMP/cb2TEMP$$ ] && [ ! -s $TMP/cb3TEMP$$ ] && [ ! -s $TMP/cb4TEMP$$ ]; then + callback2 > /etc/ppp/callback +-elif [ ! -s /tmp/cb1.1TEMP$$ ] && [ ! -s /tmp/cb2TEMP$$ ] && [ -s /tmp/cb3TEMP$$ ] && [ -s /tmp/cb4TEMP$$ ]; then ++elif [ ! -s $TMP/cb1.1TEMP$$ ] && [ ! -s $TMP/cb2TEMP$$ ] && [ -s $TMP/cb3TEMP$$ ] && [ -s $TMP/cb4TEMP$$ ]; then + callback3 > /etc/ppp/callback +-elif [ ! -s /tmp/cb1.1TEMP$$ ] && [ -s /tmp/cb2TEMP$$ ] && [ -s /tmp/cb3TEMP$$ ] && [ -s /tmp/cb4TEMP$$ ]; then ++elif [ ! -s $TMP/cb1.1TEMP$$ ] && [ -s $TMP/cb2TEMP$$ ] && [ -s $TMP/cb3TEMP$$ ] && [ -s $TMP/cb4TEMP$$ ]; then + callback4 > /etc/ppp/callback +-elif [ -s /tmp/cb1.1TEMP$$ ] && [ -s /tmp/cb2TEMP$$ ] && [ ! -s /tmp/cb3TEMP$$ ] && [ ! -s /tmp/cb4TEMP$$ ]; then ++elif [ -s $TMP/cb1.1TEMP$$ ] && [ -s $TMP/cb2TEMP$$ ] && [ ! -s $TMP/cb3TEMP$$ ] && [ ! -s $TMP/cb4TEMP$$ ]; then + callback5 > /etc/ppp/callback +-elif [ -s /tmp/cb1.1TEMP$$ ] && [ ! -s /tmp/cb3TEMP$$ ] && [ ! -s /tmp/cb4TEMP$$ ]; then ++elif [ -s $TMP/cb1.1TEMP$$ ] && [ ! -s $TMP/cb3TEMP$$ ] && [ ! -s $TMP/cb4TEMP$$ ]; then + callback6 > /etc/ppp/callback +-elif [ -s /tmp/cb2TEMP$$ ] && [ ! -s /tmp/cb3TEMP$$ ] && [ ! -s /tmp/cb4TEMP$$ ]; then ++elif [ -s $TMP/cb2TEMP$$ ] && [ ! -s $TMP/cb3TEMP$$ ] && [ ! -s $TMP/cb4TEMP$$ ]; then + callback7 > /etc/ppp/callback + fi + fi +@@ -488,93 +519,93 @@ + chmod 600 /etc/ppp/callback 2>/dev/null + fi + +-if [ ! -s /tmp/cb1TEMP$$ ]; then +-echo 'The default modem init string will be: "AT\&FW1H0" OK' > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "If you want to change it, put your init string in the box below." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "If you use \ in the init string, put it twice." >> /tmp/txtTEMP$$ +-echo 'Example: "AT\&F\\K3\\N3W1H0" OK' >> /tmp/txtTEMP$$ +-echo "M = No sound. W1 or S95=46 = Show CARRIER speed: 28800 etc." >> /tmp/txtTEMP$$ +-echo 'Put "" around each init string with "&" in it.' >> /tmp/txtTEMP$$ +-echo 'Put OK after each init string. Example: ATZ OK "AT\&F1MW1H0" OK' >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Just press [Enter] on a empty box to accept the default above." >> /tmp/txtTEMP$$ ++if [ ! -s $TMP/cb1TEMP$$ ]; then ++echo 'The default modem init string will be: "AT&FH0" OK' > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "If you want to change it, put your init string in the box below." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "If you use \ in the init string, put it twice." >> $TMP/txtTEMP$$ ++echo 'Example: "AT\&F\\K3\\N3H0" OK' >> $TMP/txtTEMP$$ ++echo "M = No sound. S95=46 = Show CARRIER speed: 28800 etc." >> $TMP/txtTEMP$$ ++echo 'Put "" around each init string with "&" in it.' >> $TMP/txtTEMP$$ ++echo 'Put OK after each init string. Example: ATZ OK "AT\&F1MH0" OK' >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Just press [Enter] on a empty box to accept the default above." >> $TMP/txtTEMP$$ + +-dialog --backtitle "MODEM INIT STRING ..." --inputbox "`cat /tmp/txtTEMP$$`" 18 74 2> /tmp/rspTEMP$$ ++dialog --backtitle "MODEM INIT STRING ..." --inputbox "`cat $TMP/txtTEMP$$`" 18 74 2> $TMP/rspTEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-if [ -s /tmp/rspTEMP$$ ]; then +-INIT="`cat /tmp/rspTEMP$$`" ++if [ -s $TMP/rspTEMP$$ ]; then ++INIT="`cat $TMP/rspTEMP$$`" + else + INIT="below" + fi + fi + +-echo "What is your (I)nternet (S)ervice (P)rovider's domain name?" > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "This is usually something like..." >> /tmp/txtTEMP$$ +-echo "Examples: something.edu something.net something.com something.org" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ ++echo "What is your (I)nternet (S)ervice (P)rovider's domain name?" > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "This is usually something like..." >> $TMP/txtTEMP$$ ++echo "Examples: something.edu something.net something.com something.org" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + +-dialog --backtitle "DOMAIN NAME ..." --inputbox "`cat /tmp/txtTEMP$$`" 11 74 2> /tmp/rspTEMP$$ ++dialog --backtitle "DOMAIN NAME ..." --inputbox "`cat $TMP/txtTEMP$$`" 11 74 2> $TMP/rspTEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-DOMAINNAME="`cat /tmp/rspTEMP$$`" ++DOMAINNAME="`cat $TMP/rspTEMP$$`" + +-echo "What is the IP address of your Internet provider's nameserver?" > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "It's important that these IP numbers be correct." >> /tmp/txtTEMP$$ +-echo "The IP numbers should not be: 0.0.0.0" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Note: Your service provider's technical support can provide you" >> /tmp/txtTEMP$$ +-echo "with this information. Example: 207.132.116.5" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ ++echo "What is the IP address of your Internet provider's nameserver?" > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "It's important that these IP numbers be correct." >> $TMP/txtTEMP$$ ++echo "The IP numbers should not be: 0.0.0.0" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Note: Your service provider's technical support can provide you" >> $TMP/txtTEMP$$ ++echo "with this information. Example: 207.132.116.5" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + +-dialog --backtitle "DNS IP ADDRESS ..." --inputbox "`cat /tmp/txtTEMP$$`" 14 74 2> /tmp/rspTEMP$$ ++dialog --backtitle "DNS IP ADDRESS ..." --inputbox "`cat $TMP/txtTEMP$$`" 14 74 2> $TMP/rspTEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-DNSIP="`cat /tmp/rspTEMP$$`" ++DNSIP="`cat $TMP/rspTEMP$$`" + +-if [ ! -s /tmp/cb3TEMP$$ ]; then +-echo "Does your service provider use PAP or CHAP?" > /tmp/txtTEMP$$ +-echo "If you're presented with a Username: or Login: and Password:" >> /tmp/txtTEMP$$ +-echo "prompt when you connect to your service provider, they're" >> /tmp/txtTEMP$$ +-echo "'probably' not using PAP or CHAP, so you can answer SCRIPT." >> /tmp/txtTEMP$$ +-echo "I said 'probably', the only way to know for sure is to ask you're" >> /tmp/txtTEMP$$ +-echo "service provider, this could save you a lot of wasted time." >> /tmp/txtTEMP$$ ++if [ ! -s $TMP/cb3TEMP$$ ]; then ++echo "Does your service provider use PAP or CHAP?" > $TMP/txtTEMP$$ ++echo "If you're presented with a Username: or Login: and Password:" >> $TMP/txtTEMP$$ ++echo "prompt when you connect to your service provider, they're" >> $TMP/txtTEMP$$ ++echo "'probably' not using PAP or CHAP, so you can answer SCRIPT." >> $TMP/txtTEMP$$ ++echo "I said 'probably', the only way to know for sure is to ask you're" >> $TMP/txtTEMP$$ ++echo "service provider, this could save you a lot of wasted time." >> $TMP/txtTEMP$$ + +-dialog --backtitle "PAP, CHAP, or SCRIPT? ..." --menu "`cat /tmp/txtTEMP$$`" 16 72 4 \ ++dialog --backtitle "PAP, CHAP, or SCRIPT? ..." --menu "`cat $TMP/txtTEMP$$`" 16 72 4 \ + PAP "AUTHENTICATION" \ + CHAP "AUTHENTICATION" \ + MS-CHAP-80 "is microsoft's version of CHAP." \ +-SCRIPT "Create Chat Script For Login." 2> /tmp/papTEMP ++SCRIPT "Create Chat Script For Login." 2> $TMP/papTEMP + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + else +-PAP="`cat /tmp/papTEMP`" ++PAP="`cat $TMP/papTEMP`" + fi + fi + +@@ -595,46 +626,46 @@ + + if [ "$PAP" = "MS-CHAP-80" ]; then + if [ ! -z "$DOMAINNAME" ]; then +-echo > /tmp/txtTEMP$$ +-echo "You gave $DOMAINNAME for domain name, this will be the" >> /tmp/txtTEMP$$ +-echo "NT server you connect to when you dial: $PHONENUM" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ ++echo > $TMP/txtTEMP$$ ++echo "You gave $DOMAINNAME for domain name, this will be the" >> $TMP/txtTEMP$$ ++echo "NT server you connect to when you dial: $PHONENUM" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + else +-echo > /tmp/txtTEMP$$ ++echo > $TMP/txtTEMP$$ + fi +-RAS >> /tmp/txtTEMP$$ ++RAS >> $TMP/txtTEMP$$ + +-dialog --title "MS-CHAP NT server, Stand-alone or ? ..." --menu "`cat /tmp/txtTEMP$$`" 22 72 2 \ ++dialog --title "MS-CHAP NT server, Stand-alone or ? ..." --menu "`cat $TMP/txtTEMP$$`" 22 72 2 \ + MS-CHAP-SERVER-1 "Stand-alone..." \ +-MS-CHAP-SERVER-2 "Queries domain controller..." 2> /tmp/mschapTEMP ++MS-CHAP-SERVER-2 "Queries domain controller..." 2> $TMP/mschapTEMP + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-MSCHAP="`cat /tmp/mschapTEMP`" ++MSCHAP="`cat $TMP/mschapTEMP`" + + if [ "$MSCHAP" = "MS-CHAP-SERVER-2" ]; then +-echo "Put the name of the domain you have your account on." > /tmp/txtTEMP0 +-echo "Example: fooboo" >> /tmp/txtTEMP0 +-echo >> /tmp/txtTEMP0 ++echo "Put the name of the domain you have your account on." > $TMP/txtTEMP0 ++echo "Example: fooboo" >> $TMP/txtTEMP0 ++echo >> $TMP/txtTEMP0 + +-dialog --backtitle "MS-CHAP QUERY DOMAIN? ..." --inputbox "`cat /tmp/txtTEMP0`" 9 64 2> /tmp/rspTEMP0 ++dialog --backtitle "MS-CHAP QUERY DOMAIN? ..." --inputbox "`cat $TMP/txtTEMP0`" 9 64 2> $TMP/rspTEMP0 + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-MSDOMAIN="`cat /tmp/rspTEMP0`" ++MSDOMAIN="`cat $TMP/rspTEMP0`" + +-if [ ! -s /tmp/rspTEMP0 ]; then +-rm -f /tmp/*TEMP* ++if [ ! -s $TMP/rspTEMP0 ]; then ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + echo "No ms-chap query domain name given." +@@ -643,32 +674,32 @@ + fi + fi + +-if [ ! "$PAP" = "SCRIPT" ] && [ ! -s /tmp/cb3TEMP$$ ]; then +-echo "Put your Login = Username in the box below." > /tmp/txtTEMP1 +-echo >> /tmp/txtTEMP1 +-echo "Sometimes they want your username or number followed" >> /tmp/txtTEMP1 +-echo "by their @domain name like this below." >> /tmp/txtTEMP1 +-echo "Example: jerry@foo.boo.com" >> /tmp/txtTEMP1 +-echo "Example: 1234567@foo.boo.com" >> /tmp/txtTEMP1 +-echo >> /tmp/txtTEMP1 +-echo "Sometimes the username is two words." >> /tmp/txtTEMP1 +-echo "Example: jerry donut" >> /tmp/txtTEMP1 +-echo >> /tmp/txtTEMP1 +-echo "Usally it's just your username like this below." >> /tmp/txtTEMP1 +-echo "Example: jerry" >> /tmp/txtTEMP1 +-echo >> /tmp/txtTEMP1 ++if [ ! "$PAP" = "SCRIPT" ] && [ ! -s $TMP/cb3TEMP$$ ]; then ++echo "Put your Login = Username in the box below." > $TMP/txtTEMP1 ++echo >> $TMP/txtTEMP1 ++echo "Sometimes they want your username or number followed" >> $TMP/txtTEMP1 ++echo "by their @domain name like this below." >> $TMP/txtTEMP1 ++echo "Example: jerry@foo.boo.com" >> $TMP/txtTEMP1 ++echo "Example: 1234567@foo.boo.com" >> $TMP/txtTEMP1 ++echo >> $TMP/txtTEMP1 ++echo "Sometimes the username is two words." >> $TMP/txtTEMP1 ++echo "Example: jerry donut" >> $TMP/txtTEMP1 ++echo >> $TMP/txtTEMP1 ++echo "Usally it's just your username like this below." >> $TMP/txtTEMP1 ++echo "Example: jerry" >> $TMP/txtTEMP1 ++echo >> $TMP/txtTEMP1 + +-dialog --backtitle "PAP or CHAP LOGIN? ..." --inputbox "`cat /tmp/txtTEMP1`" 19 64 2> /tmp/rspTEMP1 ++dialog --backtitle "PAP or CHAP LOGIN? ..." --inputbox "`cat $TMP/txtTEMP1`" 19 64 2> $TMP/rspTEMP1 + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-if [ ! -s /tmp/rspTEMP1 ]; then +-rm -f /tmp/*TEMP* ++if [ ! -s $TMP/rspTEMP1 ]; then ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + echo "No username for pap, chap, or ms-chap given." +@@ -676,119 +707,119 @@ + fi + fi + +-if [ -s /tmp/rspTEMP1 ]; then +-AUTH1="`cat /tmp/rspTEMP1`" +-echo "$AUTH1" > /tmp/txtTEMP2 +-echo "What's the password for the username above?" >> /tmp/txtTEMP2 +-echo "Example: Xpi9u87T" >> /tmp/txtTEMP2 +-dialog --backtitle "PAP or CHAP PASSWORD? ..." --inputbox "`cat /tmp/txtTEMP2`" 10 64 2> /tmp/rspTEMP2 ++if [ -s $TMP/rspTEMP1 ]; then ++AUTH1="`cat $TMP/rspTEMP1`" ++echo "$AUTH1" > $TMP/txtTEMP2 ++echo "What's the password for the username above?" >> $TMP/txtTEMP2 ++echo "Example: Xpi9u87T" >> $TMP/txtTEMP2 ++dialog --backtitle "PAP or CHAP PASSWORD? ..." --inputbox "`cat $TMP/txtTEMP2`" 10 64 2> $TMP/rspTEMP2 + +-AUTH2="`cat /tmp/rspTEMP2`" ++AUTH2="`cat $TMP/rspTEMP2`" + END="" + +-elif [ ! -s /tmp/cb1TEMP$$ ] && [ "$PAP" = "SCRIPT" ]; then ++elif [ ! -s $TMP/cb1TEMP$$ ] && [ "$PAP" = "SCRIPT" ]; then + END='""' +-echo "If you reached this part of the script, it should be because you" > /tmp/txtTEMP$$ +-echo "skipped the PAP or CHAP? and CALLBACK? parts of this script." >> /tmp/txtTEMP$$ +-echo "In other words, your service provider is not using PAP, CHAP, or" >> /tmp/txtTEMP$$ +-echo "CALLBACK." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Now comes the tough part. :) I need to know what your" >> /tmp/txtTEMP$$ +-echo "service provider prints to your screen when you dial in," >> /tmp/txtTEMP$$ +-echo "and what you respond with." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Usally when you connect to your service provider you see a" >> /tmp/txtTEMP$$ +-echo "Username: or Login: prompt, and you respond with your name." >> /tmp/txtTEMP$$ +-echo "Then there's a Password: prompt and you respond with your" >> /tmp/txtTEMP$$ +-echo "password." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "If you're not sure if it's Login: or login:, just put ogin:" >> /tmp/txtTEMP$$ +-echo "you don't have to spell the whole thing out, the end part of" >> /tmp/txtTEMP$$ +-echo "what to wait for should be enough." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo 'If they put this for example "foobar fooboo ID:", you could just' >> /tmp/txtTEMP$$ +-echo 'put ID: or you could spell the whole thing out & put "" around it.' >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo "ID:" >> /tmp/txtTEMP$$ +-echo "What text should I send?" >> /tmp/txtTEMP$$ +-echo "jerry" >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo '"foobar fooboo ID:"' >> /tmp/txtTEMP$$ +-echo "What text should I send?" >> /tmp/txtTEMP$$ +-echo "jerry" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Sometimes you may want to wait for nothing, but send something." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo '""' >> /tmp/txtTEMP$$ +-echo "What text should I send?" >> /tmp/txtTEMP$$ +-echo "something" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo '"" = wait for nothing.' >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "If you don't want your password printed out put \q in front of it." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo "Password:" >> /tmp/txtTEMP$$ +-echo "What text should I send?" >> /tmp/txtTEMP$$ +-echo "\qsecret" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "ogin: = Login: name: = Username: word: = Password:" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "This below would end up looking like this in the /etc/ppp/pppscript" >> /tmp/txtTEMP$$ +-echo "file created by pppsetup when you're done." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "ogin: jerry" >> /tmp/txtTEMP$$ +-echo "word: secret" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "For example..." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo "ogin:" >> /tmp/txtTEMP$$ +-echo "And what text should I send?" >> /tmp/txtTEMP$$ +-echo "jerry" >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo "word:" >> /tmp/txtTEMP$$ +-echo "And what text should I send?" >> /tmp/txtTEMP$$ +-echo "secret" >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "( End by pressing Enter on an empty = blank wait for? box. )" >> /tmp/txtTEMP$$ ++echo "If you reached this part of the script, it should be because you" > $TMP/txtTEMP$$ ++echo "skipped the PAP or CHAP? and CALLBACK? parts of this script." >> $TMP/txtTEMP$$ ++echo "In other words, your service provider is not using PAP, CHAP, or" >> $TMP/txtTEMP$$ ++echo "CALLBACK." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Now comes the tough part. :) I need to know what your" >> $TMP/txtTEMP$$ ++echo "service provider prints to your screen when you dial in," >> $TMP/txtTEMP$$ ++echo "and what you respond with." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Usally when you connect to your service provider you see a" >> $TMP/txtTEMP$$ ++echo "Username: or Login: prompt, and you respond with your name." >> $TMP/txtTEMP$$ ++echo "Then there's a Password: prompt and you respond with your" >> $TMP/txtTEMP$$ ++echo "password." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "If you're not sure if it's Login: or login:, just put ogin:" >> $TMP/txtTEMP$$ ++echo "you don't have to spell the whole thing out, the end part of" >> $TMP/txtTEMP$$ ++echo "what to wait for should be enough." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo 'If they put this for example "foobar fooboo ID:", you could just' >> $TMP/txtTEMP$$ ++echo 'put ID: or you could spell the whole thing out & put "" around it.' >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo "ID:" >> $TMP/txtTEMP$$ ++echo "What text should I send?" >> $TMP/txtTEMP$$ ++echo "jerry" >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo '"foobar fooboo ID:"' >> $TMP/txtTEMP$$ ++echo "What text should I send?" >> $TMP/txtTEMP$$ ++echo "jerry" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Sometimes you may want to wait for nothing, but send something." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo '""' >> $TMP/txtTEMP$$ ++echo "What text should I send?" >> $TMP/txtTEMP$$ ++echo "something" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo '"" = wait for nothing.' >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "If you don't want your password printed out put \q in front of it." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo "Password:" >> $TMP/txtTEMP$$ ++echo "What text should I send?" >> $TMP/txtTEMP$$ ++echo "\qsecret" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "ogin: = Login: name: = Username: word: = Password:" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "This below would end up looking like this in the /etc/ppp/pppscript" >> $TMP/txtTEMP$$ ++echo "file created by pppsetup when you're done." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "ogin: jerry" >> $TMP/txtTEMP$$ ++echo "word: secret" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "For example..." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo "ogin:" >> $TMP/txtTEMP$$ ++echo "And what text should I send?" >> $TMP/txtTEMP$$ ++echo "jerry" >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo "word:" >> $TMP/txtTEMP$$ ++echo "And what text should I send?" >> $TMP/txtTEMP$$ ++echo "secret" >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "( End by pressing Enter on an empty = blank wait for? box. )" >> $TMP/txtTEMP$$ + +-dialog --title "CHAT SCRIPT" --textbox "/tmp/txtTEMP$$" 22 72 ++dialog --title "CHAT SCRIPT" --textbox "$TMP/txtTEMP$$" 22 72 + + MESSAGE=' ' + YOUSAY=' ' + while [ ! "$MESSAGE" = "" -a ! "$YOUSAY" = "" ] + do + +-echo " End by pressing Enter on a empty = blank box." > /tmp/txtTEMP$$ +-echo " What text should I wait for?" >> /tmp/txtTEMP$$ +-dialog --backtitle "EXPECT ..." --inputbox "`cat /tmp/txtTEMP$$`" 9 60 2> /tmp/rspTEMP$$ ++echo " End by pressing Enter on a empty = blank box." > $TMP/txtTEMP$$ ++echo " What text should I wait for?" >> $TMP/txtTEMP$$ ++dialog --backtitle "EXPECT ..." --inputbox "`cat $TMP/txtTEMP$$`" 9 60 2> $TMP/rspTEMP$$ + +-MESSAGE="`cat /tmp/rspTEMP$$`" ++MESSAGE="`cat $TMP/rspTEMP$$`" + + if [ -z "$MESSAGE" ]; then + continue + fi + +-dialog --backtitle "SEND ..." --inputbox "And what text should I send?" 8 60 2> /tmp/rspTEMP$$ ++dialog --backtitle "SEND ..." --inputbox "And what text should I send?" 8 60 2> $TMP/rspTEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-YOUSAY="`cat /tmp/rspTEMP$$`" ++YOUSAY="`cat $TMP/rspTEMP$$`" + +-echo "$MESSAGE $YOUSAY" >> /tmp/sayTEMP1 ++echo "$MESSAGE $YOUSAY" >> $TMP/sayTEMP1 + + if [ -z "$YOUSAY" ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + echo "Nothing to send." + exit +@@ -798,22 +829,22 @@ + done + fi + +-if [ ! -s /tmp/cb3TEMP$$ ]; then +-if [ -s /tmp/cb1TEMP$$ ] && [ ! -s /tmp/cb3TEMP$$ ] && [ "$PAP" = "SCRIPT" ]; then ++if [ ! -s $TMP/cb3TEMP$$ ]; then ++if [ -s $TMP/cb1TEMP$$ ] && [ ! -s $TMP/cb3TEMP$$ ] && [ "$PAP" = "SCRIPT" ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + echo "You chose callback with PAP or CHAP, but answered SCRIPT to PAP or CHAP?." + exit +-elif [ ! -s /tmp/rspTEMP2 ] && [ -s /tmp/rspTEMP1 ]; then ++elif [ ! -s $TMP/rspTEMP2 ] && [ -s $TMP/rspTEMP1 ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + echo "No password for: $AUTH1" + exit +-elif [ ! -s /tmp/sayTEMP1 ] && [ ! -s /tmp/rspTEMP2 ]; then ++elif [ ! -s $TMP/sayTEMP1 ] && [ ! -s $TMP/rspTEMP2 ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + echo "Nothing to wait for." + exit +@@ -868,9 +899,9 @@ + PATH1="pppd" + fi + +-if [ "$PATH1" != "pppd" ]; then +-chmod 4755 $PATH1 2>/dev/null +-fi ++#if [ "$PATH1" != "pppd" ]; then ++#chmod 4755 $PATH1 2>/dev/null ++#fi + + if [ -x /usr/sbin/chat ]; then + PATH2="/usr/sbin/chat" +@@ -886,14 +917,14 @@ + PATH2="chat" + fi + +-if [ ! -s /tmp/cb1TEMP$$ ]; then +-echo "TIMEOUT 10" > /etc/ppp/pppscript ++if [ ! -s $TMP/cb1TEMP$$ ]; then ++echo "TIMEOUT 60" > /etc/ppp/pppscript + echo "ABORT ERROR" >> /etc/ppp/pppscript + echo "ABORT BUSY" >> /etc/ppp/pppscript + echo 'ABORT "NO CARRIER"' >> /etc/ppp/pppscript + echo 'ABORT "NO DIALTONE"' >> /etc/ppp/pppscript + if [ "$INIT" = "below" ]; then +-echo '"" "AT\&FW1H0"' >> /etc/ppp/pppscript ++echo '"" "AT&FH0"' >> /etc/ppp/pppscript + echo 'OK "'$PHONENUM'"' >> /etc/ppp/pppscript + else + echo '"" '$INIT'' >> /etc/ppp/pppscript +@@ -905,8 +936,8 @@ + chmod 600 /etc/ppp/pppscript 2>/dev/null + fi + +-if [ -s /tmp/sayTEMP1 ]; then +-cat /tmp/sayTEMP1 >> /etc/ppp/pppscript ++if [ -s $TMP/sayTEMP1 ]; then ++cat $TMP/sayTEMP1 >> /etc/ppp/pppscript + echo >> /etc/ppp/pppscript + else + echo >> /etc/ppp/pppscript +@@ -948,9 +979,9 @@ + echo "# The CARRIER speed at which you connected will be reported, if it's in" >> /etc/ppp/ip-up + echo '# the /var/log/messages file. You also need the programs "tail" "cut"' >> /etc/ppp/ip-up + echo '# "tr" "grep" and "syslogd" running for this to work.' >> /etc/ppp/ip-up +-echo "# You may have to add W1 or S95=46 to your modem init string" >> /etc/ppp/ip-up ++echo "# You may have to add S95=46 to your modem init string" >> /etc/ppp/ip-up + echo "# to get your modem to report the DCE = CARRIER speed." >> /etc/ppp/ip-up +-echo "# Examples: AT&FW1 or AT&FS95=46" >> /etc/ppp/ip-up ++echo "# Example: AT&FS95=46" >> /etc/ppp/ip-up + + echo >> /etc/ppp/ip-up + echo "if [ -s /var/log/messages ] && ( ps xc 2>/dev/null | grep -q syslogd 2>/dev/null ); then" >> /etc/ppp/ip-up +@@ -986,7 +1017,8 @@ + echo >> /etc/ppp/ip-up + echo "# End..." >> /etc/ppp/ip-up + +-chmod 4755 /etc/ppp/ip-up 2>/dev/null ++#chmod 4755 /etc/ppp/ip-up 2>/dev/null ++chmod 755 /etc/ppp/ip-up 2>/dev/null + + if [ -s /etc/ppp/ip-down ]; then + mv /etc/ppp/ip-down /etc/ppp/ip-down.OLD +@@ -1022,7 +1054,7 @@ + # You'll see the modem reponse OK and date in the /etc/ppp/modem.cua?, + # modem.ttyS?, or modem.modem file. + # You need the 'modem-stats' program for this below to work. +-# ftp://sunsite.unc.edu/pub/apps/serialcomm/modem ++# ftp://metalab.unc.edu/pub/apps/serialcomm/modem + # modem-stats-1.0.1.src.elf.tar.gz + # Remove the ##### from the lines below. + +@@ -1030,7 +1062,8 @@ + } + + ipdown > /etc/ppp/ip-down +-chmod 4755 /etc/ppp/ip-down 2>/dev/null ++#chmod 4755 /etc/ppp/ip-down 2>/dev/null ++chmod 755 /etc/ppp/ip-down 2>/dev/null + + echo "#sleep 2 # Make sure the modem is really down." >> /etc/ppp/ip-down + echo '#DEV=`echo $2 | sed -e "s./dev/.."`' >> /etc/ppp/ip-down +@@ -1080,38 +1113,38 @@ + cat </dev/null | grep -i -s "rcvd" > /tmp/grep.tmp ++tail -n 30 /var/log/debug 2>/dev/null | grep -i -s "rcvd" > $TMP/grep.tmp + +-if ( grep -i -q "auth pap" /tmp/grep.tmp ); then ++if ( grep -i -q "auth pap" $TMP/grep.tmp ); then + echo + echo "They seem to be requesting PAP = for authentication." + echo "I don't know if you're setup for 'PAP' or not." + echo "Did you answer 'PAP' when you ran pppsetup?" + echo +-elif ( grep -E -i -q "auth chap msoft|auth chap 80" /tmp/grep.tmp ); then ++elif ( grep -E -i -q "auth chap msoft|auth chap 80" $TMP/grep.tmp ); then + echo + echo "They seem to be requesting MS-CHAP-80 = for authentication." + echo "I don't know if you're setup for 'MS-CHAP' or not." + echo "Did you answer 'MS-CHAP' when you ran pppsetup?" + echo +-elif ( grep -i -q "auth chap" /tmp/grep.tmp ); then ++elif ( grep -i -q "auth chap" $TMP/grep.tmp ); then + echo "They seem to be requesting CHAP = for authentication." + echo "I don't know if you're setup for 'CHAP' or not." + echo "Did you answer 'CHAP' when you ran pppsetup?" + echo + else +-rm -f /tmp/grep.tmp ++rm -f $TMP/grep.tmp + exit 0 + fi + +-if ( grep -i -q "callback" /tmp/grep.tmp ); then ++if ( grep -i -q "callback" $TMP/grep.tmp ); then + echo "They seem to be requesting CALLBACK." + echo "I don't know if you're setup for 'callback' or not." + echo "Did you answer 'CALLBACK' when you ran pppsetup?" + echo + fi + +-rm -f /tmp/grep.tmp ++rm -f $TMP/grep.tmp + } + EOF + } +@@ -1124,14 +1157,14 @@ + echo "killall -INT pppd 2>/dev/null" >> /usr/sbin/ppp-go + echo "rm -f /var/lock/LCK* /var/run/ppp*.pid" >> /usr/sbin/ppp-go + +-if [ -s /tmp/cb1TEMP$$ ]; then +-echo '('$PATH1' -detach connect "'$PATH2' -v -s -f /etc/ppp/callback" &) || exit 1' >> /usr/sbin/ppp-go ++if [ -s $TMP/cb1TEMP$$ ]; then ++echo '('$PATH1' -detach connect "'$PATH2' -v -f /etc/ppp/callback" &) || exit 1' >> /usr/sbin/ppp-go + else +-echo '('$PATH1' -detach connect "'$PATH2' -v -s -f /etc/ppp/pppscript" &) || exit 1' >> /usr/sbin/ppp-go ++echo '('$PATH1' -detach connect "'$PATH2' -v -f /etc/ppp/pppscript" &) || exit 1' >> /usr/sbin/ppp-go + fi + +-echo "read" >> /usr/sbin/ppp-go +-echo "ifconnect" >> /usr/sbin/ppp-go ++echo "#read" >> /usr/sbin/ppp-go ++echo "#ifconnect" >> /usr/sbin/ppp-go + echo "exit 0" >> /usr/sbin/ppp-go + echo "fi" >> /usr/sbin/ppp-go + +@@ -1140,10 +1173,10 @@ + echo "killall -INT pppd 2>/dev/null" >> /usr/sbin/ppp-go + echo "rm -f /var/lock/LCK* /var/run/ppp*.pid" >> /usr/sbin/ppp-go + +-if [ -s /tmp/cb1TEMP$$ ]; then +-echo '('$PATH1' connect "'$PATH2' -v -f /etc/ppp/callback") || exit 1' >> /usr/sbin/ppp-go ++if [ -s $TMP/cb1TEMP$$ ]; then ++echo '('$PATH1' connect "'$PATH2' -v -f /etc/ppp/callback" 1> /dev/null 2> /dev/null ) || exit 1' >> /usr/sbin/ppp-go + else +-echo '('$PATH1' connect "'$PATH2' -v -f /etc/ppp/pppscript") || exit 1' >> /usr/sbin/ppp-go ++echo '('$PATH1' connect "'$PATH2' -v -f /etc/ppp/pppscript" 1> /dev/null 2> /dev/null ) || exit 1' >> /usr/sbin/ppp-go + fi + + echo "exit 0" >> /usr/sbin/ppp-go +@@ -1194,26 +1227,37 @@ + echo 'echo "USAGE: ppp-go -h "' >> /usr/sbin/ppp-go + echo "exit 1" >> /usr/sbin/ppp-go + +-chmod 4755 /usr/sbin/ppp-go 2>/dev/null ++#chmod 4755 /usr/sbin/ppp-go 2>/dev/null ++chmod 755 /usr/sbin/ppp-go 2>/dev/null + +-echo "lock" > /etc/ppp/options +-echo "defaultroute" >> /etc/ppp/options +-echo "noipdefault" >> /etc/ppp/options +-echo "modem" >> /etc/ppp/options +-echo "/dev/$MODEM" >> /etc/ppp/options +-echo "$BAUDRATE" >> /etc/ppp/options +-echo "crtscts" >> /etc/ppp/options +-echo "debug" >> /etc/ppp/options +-echo "passive" >> /etc/ppp/options +-echo "asyncmap 0" >> /etc/ppp/options ++cat << EOF > /etc/ppp/options ++# General configuration options for PPPD: ++lock ++defaultroute ++noipdefault ++modem ++/dev/$MODEM ++$BAUDRATE ++crtscts ++# Uncomment the line below for more verbose error reporting: ++#debug ++# If you have a default route already, pppd may require the other side ++# to authenticate itself, which most ISPs will not do. To work around this, ++# uncomment the line below. Note that this may have negative side effects ++# on system security if you allow PPP dialins. See the docs in /usr/doc/ppp* ++# for more information. ++#noauth ++passive ++asyncmap 0 ++EOF + + if [ ! -z "$CBPN" ]; then + echo 'callback "'$CBPN'"' >> /etc/ppp/options + fi + +-if [ "$MSCHAP" = "MS-CHAP-SERVER-2" ] && [ -s /tmp/rspTEMP2 ]; then ++if [ "$MSCHAP" = "MS-CHAP-SERVER-2" ] && [ -s $TMP/rspTEMP2 ]; then + echo 'name "'$MSDOMAIN\\\\$AUTH1'"' >> /etc/ppp/options +-elif [ -s /tmp/rspTEMP2 ]; then ++elif [ -s $TMP/rspTEMP2 ]; then + echo 'name "'$AUTH1'"' >> /etc/ppp/options + fi + +@@ -1277,7 +1321,7 @@ + echo "0.0.0.0:10.10.10.10" >> /etc/ppp/options.demand + echo "demand" >> /etc/ppp/options.demand + +-if [ -s /tmp/cb1TEMP$$ ]; then ++if [ -s $TMP/cb1TEMP$$ ]; then + echo 'connect "'$PATH2' -v -f /etc/ppp/callback"' >> /etc/ppp/options.demand + else + echo 'connect "'$PATH2' -v -f /etc/ppp/pppscript"' >> /etc/ppp/options.demand +@@ -1352,18 +1396,18 @@ + 0.0.0.0 foobar.localnet foobar + + ~# dip -tv +-dip> port /dev/cua1 +-can't open - problems with locking cua1 ++dip> port /dev/ttyS1 ++can't open - problems with locking ttyS1 + + If you get the above message after "port /dev/modem", it means you have a +-lock file in /var/lock/LCK..cua1, remove the lock file and kill dip. ++lock file in /var/lock/LCK..ttyS1, remove the lock file and kill dip. + + ~# rm /var/lock/LCK* + # killall -9 dip + + ~# dip -tv + +-dip> port /dev/cua1 <-Where's the modem? cua0 = com1 cua1 = com2 etc.) ++dip> port /dev/ttyS1 <-Where's the modem? ttyS0 = com1 ttyS1 = com2 etc.) + dip> speed 115200 <-Modem speed: 19200 38400 57600 + dip> term + +@@ -1379,7 +1423,7 @@ + dip> default <-Use default route.) + dip> mode ppp <-Start PPP at your end.) + +-~# ping sunsite.unc.edu <-To see if you're connected.) ++~# ping metalab.unc.edu <-To see if you're connected.) + + ~# dip -k <-To kill dip and the PPP connection.) + +@@ -1393,7 +1437,7 @@ + lock + defaultroute + noipdefault +-/dev/cua1 <- cua0 = com1 cua1 = com2 cua2 = com3 cua3 = com4 ++/dev/ttyS1 <- ttyS0 = com1 ttyS1 = com2 ttyS2 = com3 ttyS3 = com4 + 57600 + modem + crtscts +@@ -1419,221 +1463,221 @@ + } + + echo "=========================================================================" > /etc/ppp/pppsetup.txt +-cat /tmp/txtTEMP01 >> /etc/ppp/pppsetup.txt ++cat $TMP/txtTEMP01 >> /etc/ppp/pppsetup.txt + +-echo "=========================================================================" > /tmp/txtTEMP$$ +-echo "These are your PPP configuration files and instructions..." >> /tmp/txtTEMP$$ +-echo "=========================================================================" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +- +-if [ ! -s /tmp/cb1TEMP$$ ] && [ ! -s /tmp/sayTEMP1 ]; then +-echo "# This is your /etc/ppp/pppscript." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-cat /etc/ppp/pppscript >> /tmp/txtTEMP$$ +-elif [ ! -s /tmp/cb1TEMP$$ ] && [ -s /tmp/sayTEMP1 ]; then +-echo "# This is your /etc/ppp/pppscript." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Look at /etc/ppp/pppscript." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-fi +- +-if [ -s /tmp/cb1TEMP$$ ]; then +-echo "# This is your /etc/ppp/callback script." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Look at /etc/ppp/callback." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-fi +- +-echo "# This is your /etc/ppp/options file." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-cat /etc/ppp/options >> /tmp/txtTEMP$$ ++echo "=========================================================================" > $TMP/txtTEMP$$ ++echo "These are your PPP configuration files and instructions..." >> $TMP/txtTEMP$$ ++echo "=========================================================================" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++ ++if [ ! -s $TMP/cb1TEMP$$ ] && [ ! -s $TMP/sayTEMP1 ]; then ++echo "# This is your /etc/ppp/pppscript." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++cat /etc/ppp/pppscript >> $TMP/txtTEMP$$ ++elif [ ! -s $TMP/cb1TEMP$$ ] && [ -s $TMP/sayTEMP1 ]; then ++echo "# This is your /etc/ppp/pppscript." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Look at /etc/ppp/pppscript." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++fi ++ ++if [ -s $TMP/cb1TEMP$$ ]; then ++echo "# This is your /etc/ppp/callback script." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Look at /etc/ppp/callback." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++fi ++ ++echo "# This is your /etc/ppp/options file." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++cat /etc/ppp/options >> $TMP/txtTEMP$$ + + if [ "$MODERROR" = "YES" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "WARNING: I could not find the modem device: '/dev/$MODEM'" >> /tmp/txtTEMP$$ +-echo "cua0 = com1 cua1 = com2 cua2 = com3 cua3 = com4" >> /tmp/txtTEMP$$ +-echo "# MAKEDEV $MODEM # /dev/MAKEDEV $MODEM" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "WARNING: I could not find the modem device: '/dev/$MODEM'" >> $TMP/txtTEMP$$ ++echo "ttyS0 = com1 ttyS1 = com2 ttyS2 = com3 ttyS3 = com4" >> $TMP/txtTEMP$$ ++echo "# MAKEDEV $MODEM # /dev/MAKEDEV $MODEM" >> $TMP/txtTEMP$$ + fi + + if [ "$DOMAINNAME" = "unknown.com" ] && [ "$PAP" = "MS-CHAP-80" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "The remotename option is required for microsoft's ms-chap-80." >> /tmp/txtTEMP$$ +-echo "You didn't give a DOMAIN NAME so i put unknown.com, you should" >> /tmp/txtTEMP$$ +-echo "change that to your service providers domain name." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "The remotename option is required for microsoft's ms-chap-80." >> $TMP/txtTEMP$$ ++echo "You didn't give a DOMAIN NAME so i put unknown.com, you should" >> $TMP/txtTEMP$$ ++echo "change that to your service providers domain name." >> $TMP/txtTEMP$$ + fi + + if [ ! "$MODERROR" = "YES" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "I created the symbolic link: /dev/modem -> /dev/$MODEM" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "I created the symbolic link: /dev/modem -> /dev/$MODEM" >> $TMP/txtTEMP$$ + fi + +-echo >> /tmp/txtTEMP$$ +-echo "# This is your /etc/ppp/options.demand dialing file." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-cat /etc/ppp/options.demand >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "If you have a ethernet connection you should change the local:remote" >> /tmp/txtTEMP$$ +-echo "IP addresses in the options.demand file, to your actual local and" >> /tmp/txtTEMP$$ +-echo "remote address. Example: 215.346.117.89:312.217.187.96" >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "# This in your /etc/resolv.conf file." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-cat /etc/resolv.conf >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "# This is your /etc/ppp/options.demand dialing file." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++cat /etc/ppp/options.demand >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "If you have a ethernet connection you should change the local:remote" >> $TMP/txtTEMP$$ ++echo "IP addresses in the options.demand file, to your actual local and" >> $TMP/txtTEMP$$ ++echo "remote address. Example: 215.346.117.89:312.217.187.96" >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "# This in your /etc/resolv.conf file." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++cat /etc/resolv.conf >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + if [ -z $DNSIP ]; then +-echo "207.132.116.5 <-IMPORTANT: This should be the IP address of" >> /tmp/txtTEMP$$ +-echo " your service providers nameserver." >> /tmp/txtTEMP$$ ++echo "207.132.116.5 <-IMPORTANT: This should be the IP address of" >> $TMP/txtTEMP$$ ++echo " your service providers nameserver." >> $TMP/txtTEMP$$ + else +-echo "$DNSIP <-IMPORTANT: This should be the IP address of" >> /tmp/txtTEMP$$ +-echo " your service providers nameserver." >> /tmp/txtTEMP$$ ++echo "$DNSIP <-IMPORTANT: This should be the IP address of" >> $TMP/txtTEMP$$ ++echo " your service providers nameserver." >> $TMP/txtTEMP$$ + fi + + if [ -z $DNSIP ]; then +-echo >> /tmp/txtTEMP$$ +-echo "WARNING: You didn't give a IP address for your internet service" >> /tmp/txtTEMP$$ +-echo "providers nameserver, i put '207.132.116.5' but this may not work." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "WARNING: You didn't give a IP address for your internet service" >> $TMP/txtTEMP$$ ++echo "providers nameserver, i put '207.132.116.5' but this may not work." >> $TMP/txtTEMP$$ + fi + + if [ "$PAP" = "CHAP" ] || [ "$PAP" = "MS-CHAP-80" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "# This is your /etc/ppp/chap-secrets file." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Look at /etc/ppp/chap-secrets." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "# This is your /etc/ppp/chap-secrets file." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Look at /etc/ppp/chap-secrets." >> $TMP/txtTEMP$$ + fi + + if [ "$DOMAINNAME" = "unknown.com" ] && [ "$PAP" = "MS-CHAP-80" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "You didn't give a DOMAIN NAME that's why i put unknown.com in" >> /tmp/txtTEMP$$ +-echo "the /etc/ppp/chap-secrets file." >> /tmp/txtTEMP$$ +-echo "You should change that to your service providers domain name." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "You didn't give a DOMAIN NAME that's why i put unknown.com in" >> $TMP/txtTEMP$$ ++echo "the /etc/ppp/chap-secrets file." >> $TMP/txtTEMP$$ ++echo "You should change that to your service providers domain name." >> $TMP/txtTEMP$$ + fi + + if [ "$PAP" = "PAP" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "# This is your /etc/ppp/pap-secrets file." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Look at /etc/ppp/pap-secrets." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "# This is your /etc/ppp/pap-secrets file." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Look at /etc/ppp/pap-secrets." >> $TMP/txtTEMP$$ + fi + + if [ "$PATH1" = "pppd" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "ATENTION: I couldn't find on your system." >> /tmp/txtTEMP$$ +-echo "You need on your system to make the PPP connection." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "ATENTION: I couldn't find on your system." >> $TMP/txtTEMP$$ ++echo "You need on your system to make the PPP connection." >> $TMP/txtTEMP$$ + fi + + if [ "$PATH2" = "chat" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "ATENTION: I couldn't find on your system." >> /tmp/txtTEMP$$ +-echo "You need on your system to make the PPP connection." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "ATENTION: I couldn't find on your system." >> $TMP/txtTEMP$$ ++echo "You need on your system to make the PPP connection." >> $TMP/txtTEMP$$ + fi + + if [ ! "$MSG1" = "YES" ] && [ ! "$MSG2" = "YES" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "ATENTION: I couldn't find 'PPP' in the kernel or as a module." >> /tmp/txtTEMP$$ +-echo "You'll need 'PPP' in the kernel or as a module to make a PPP connection." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "ATENTION: I couldn't find 'PPP' in the kernel or as a module." >> $TMP/txtTEMP$$ ++echo "You'll need 'PPP' in the kernel or as a module to make a PPP connection." >> $TMP/txtTEMP$$ + fi + + if [ "$PPPRC" = "YES" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "ATENTION: I found a $HOME/.ppprc file and moved it to" >> /tmp/txtTEMP$$ +-echo ".ppprc.off, it might interfere with the PPP connection." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "ATENTION: I found a $HOME/.ppprc file and moved it to" >> $TMP/txtTEMP$$ ++echo ".ppprc.off, it might interfere with the PPP connection." >> $TMP/txtTEMP$$ + fi + +-echo >> /tmp/txtTEMP$$ +-echo "Does everything look correct? if not, run 'pppsetup' again..." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "=========================================================================" >> /tmp/txtTEMP$$ +-echo "To connect to your service provider." >> /tmp/txtTEMP$$ +-echo "=========================================================================" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "~# ppp-go <-Make PPP connection.)" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Does everything look correct? if not, run 'pppsetup' again..." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "=========================================================================" >> $TMP/txtTEMP$$ ++echo "To connect to your service provider." >> $TMP/txtTEMP$$ ++echo "=========================================================================" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "~# ppp-go <-Make PPP connection.)" >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ +-echo "You'll hear and see the modem dialing then once connected," >> /tmp/txtTEMP$$ +-echo "logging you in Username: or Login: and Password: etc." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "You won't see a Username or Login: and Password: prompt" >> /tmp/txtTEMP$$ +-echo "if they're using PAP or CHAP to authenticate you." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "If they use PAP or CHAP you'll just see CONNECT -- got it." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "If the connection was successful you'll see the Local IP and" >> /tmp/txtTEMP$$ +-echo "Remote IP address printed to the screen, you can press [Enter]." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "If you run ppp-go in X windows you probably won't see a Local" >> /tmp/txtTEMP$$ +-echo "and Remote IP address printed to the screen, you'll just see" >> /tmp/txtTEMP$$ +-echo "the connection process come to a end, wait a few seconds and" >> /tmp/txtTEMP$$ +-echo "press [Enter] at that point." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "If you don't connect for whatever reason e.g. Failed No" >> /tmp/txtTEMP$$ +-echo "Dialtone, Busy, No Carrier, Whatever, Exit, just press" >> /tmp/txtTEMP$$ +-echo "[Enter] at that point." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "if you have syslogd running, you can see the output messages" >> /tmp/txtTEMP$$ +-echo "from pppd and chat in the /var/log/messages and or debug file." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "Sample /var/log/messages file." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` pppd[562]: Serial connection established." >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` pppd[562]: Using interface ppp0" >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` pppd[562]: Connect: ppp0 <--> /dev/modem" >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` pppd[562]: local IP address 215.87.78.18" >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` pppd[562]: remote IP address 205.94.97.35" >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "You don't have a successful PPP connection until you" >> /tmp/txtTEMP$$ +-echo "receive a local & remote IP address like above." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "If you have the X window system, you could connect in a Xterm." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` # startx" >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` # ppp-go" >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` # netscape mosaic etc." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "You'll hear and see the modem dialing then once connected," >> $TMP/txtTEMP$$ ++echo "logging you in Username: or Login: and Password: etc." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "You won't see a Username or Login: and Password: prompt" >> $TMP/txtTEMP$$ ++echo "if they're using PAP or CHAP to authenticate you." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "If they use PAP or CHAP you'll just see CONNECT -- got it." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "If the connection was successful you'll see the Local IP and" >> $TMP/txtTEMP$$ ++echo "Remote IP address printed to the screen, you can press [Enter]." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "If you run ppp-go in X windows you probably won't see a Local" >> $TMP/txtTEMP$$ ++echo "and Remote IP address printed to the screen, you'll just see" >> $TMP/txtTEMP$$ ++echo "the connection process come to a end, wait a few seconds and" >> $TMP/txtTEMP$$ ++echo "press [Enter] at that point." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "If you don't connect for whatever reason e.g. Failed No" >> $TMP/txtTEMP$$ ++echo "Dialtone, Busy, No Carrier, Whatever, Exit, just press" >> $TMP/txtTEMP$$ ++echo "[Enter] at that point." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "if you have syslogd running, you can see the output messages" >> $TMP/txtTEMP$$ ++echo "from pppd and chat in the /var/log/messages and or debug file." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "Sample /var/log/messages file." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` pppd[562]: Serial connection established." >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` pppd[562]: Using interface ppp0" >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` pppd[562]: Connect: ppp0 <--> /dev/modem" >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` pppd[562]: local IP address 215.87.78.18" >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` pppd[562]: remote IP address 205.94.97.35" >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "You don't have a successful PPP connection until you" >> $TMP/txtTEMP$$ ++echo "receive a local & remote IP address like above." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "If you have the X window system, you could connect in a Xterm." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` # startx" >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` # ppp-go" >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` # netscape mosaic etc." >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ +-echo "~# ppp-off <-To end the ppp connection.)" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "~# ppp-off <-To end the ppp connection.)" >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ +-echo "~# ppp-go -h <-For help.)" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "~# ppp-go -h <-For help.)" >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ +-echo 'There is no support in linux for "WinModems", if you have a' >> /tmp/txtTEMP$$ +-echo "WinModem you will not be able to use it in linux." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "There is support for plug n play modems, if you have a pnp" >> /tmp/txtTEMP$$ +-echo 'modem you may need "isapnptools" to get it recognized.' >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo 'There is no support in linux for "WinModems", if you have a' >> $TMP/txtTEMP$$ ++echo "WinModem you will not be able to use it in linux." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "There is support for plug n play modems, if you have a pnp" >> $TMP/txtTEMP$$ ++echo 'modem you may need "isapnptools" to get it recognized.' >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ +-echo "=========================================================================" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "=========================================================================" >> $TMP/txtTEMP$$ + if [ -s /usr/doc/pppsetup/pppsetup-$VERSION.README ]; then +-echo "#### Look at the /usr/doc/pppsetup/pppsetup-$VERSION.README. ####" >> /tmp/txtTEMP$$ ++echo "#### Look at the /usr/doc/pppsetup/pppsetup-$VERSION.README. ####" >> $TMP/txtTEMP$$ + fi +-echo "#### A copy of this text can be found in: /etc/ppp/pppsetup.txt ####" >> /tmp/txtTEMP$$ +-echo "=========================================================================" >> /tmp/txtTEMP$$ ++echo "#### A copy of this text can be found in: /etc/ppp/pppsetup.txt ####" >> $TMP/txtTEMP$$ ++echo "=========================================================================" >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ +-echo "Done... You can exit now..." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "End..." >> /tmp/txtTEMP$$ +-echo "=========================================================================" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Done... You can exit now..." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "End..." >> $TMP/txtTEMP$$ ++echo "=========================================================================" >> $TMP/txtTEMP$$ + +-dialog --title "DONE" --clear --textbox "/tmp/txtTEMP$$" 22 78 ++dialog --title "DONE" --clear --textbox "$TMP/txtTEMP$$" 22 78 + + clear 2>/dev/null || echo + +-cat /tmp/txtTEMP$$ >> /etc/ppp/pppsetup.txt ++cat $TMP/txtTEMP$$ >> /etc/ppp/pppsetup.txt + chmod 600 /etc/ppp/pppsetup.txt 2>/dev/null + + if [ ! -s /etc/syslog.conf ]; then +@@ -1644,7 +1688,7 @@ + + demand >> /etc/ppp/pppsetup.txt + other >> /etc/ppp/pppsetup.txt +-rm -f /tmp/*TEMP* 2>/dev/null ++rm -f $TMP/*TEMP* 2>/dev/null + + killall -9 syslogd 2>/dev/null + syslogd & 2>/dev/null +@@ -1659,7 +1703,7 @@ + else + demand >> /etc/ppp/pppsetup.txt + other >> /etc/ppp/pppsetup.txt +-rm -f /tmp/*TEMP* 2>/dev/null ++rm -f $TMP/*TEMP* 2>/dev/null + echo + echo "#### A copy of this text can be found in: /etc/ppp/pppsetup.txt ####" + if [ -s /usr/doc/pppsetup/pppsetup-$VERSION.README ]; then diff --git a/patches/source/ppp/radius.msdict b/patches/source/ppp/radius.msdict new file mode 100644 index 00000000..da3a317c --- /dev/null +++ b/patches/source/ppp/radius.msdict @@ -0,0 +1,81 @@ +# +# Microsoft's VSA's, from RFC 2548 +# +# $Id: dictionary.microsoft,v 1.1 2004/11/14 07:26:26 paulus Exp $ +# + +VENDOR Microsoft 311 Microsoft + +ATTRIBUTE MS-CHAP-Response 1 string Microsoft +ATTRIBUTE MS-CHAP-Error 2 string Microsoft +ATTRIBUTE MS-CHAP-CPW-1 3 string Microsoft +ATTRIBUTE MS-CHAP-CPW-2 4 string Microsoft +ATTRIBUTE MS-CHAP-LM-Enc-PW 5 string Microsoft +ATTRIBUTE MS-CHAP-NT-Enc-PW 6 string Microsoft +ATTRIBUTE MS-MPPE-Encryption-Policy 7 string Microsoft +# This is referred to as both singular and plural in the RFC. +# Plural seems to make more sense. +ATTRIBUTE MS-MPPE-Encryption-Type 8 string Microsoft +ATTRIBUTE MS-MPPE-Encryption-Types 8 string Microsoft +ATTRIBUTE MS-RAS-Vendor 9 integer Microsoft +ATTRIBUTE MS-CHAP-Domain 10 string Microsoft +ATTRIBUTE MS-CHAP-Challenge 11 string Microsoft +ATTRIBUTE MS-CHAP-MPPE-Keys 12 string Microsoft +ATTRIBUTE MS-BAP-Usage 13 integer Microsoft +ATTRIBUTE MS-Link-Utilization-Threshold 14 integer Microsoft +ATTRIBUTE MS-Link-Drop-Time-Limit 15 integer Microsoft +ATTRIBUTE MS-MPPE-Send-Key 16 string Microsoft +ATTRIBUTE MS-MPPE-Recv-Key 17 string Microsoft +ATTRIBUTE MS-RAS-Version 18 string Microsoft +ATTRIBUTE MS-Old-ARAP-Password 19 string Microsoft +ATTRIBUTE MS-New-ARAP-Password 20 string Microsoft +ATTRIBUTE MS-ARAP-PW-Change-Reason 21 integer Microsoft + +ATTRIBUTE MS-Filter 22 string Microsoft +ATTRIBUTE MS-Acct-Auth-Type 23 integer Microsoft +ATTRIBUTE MS-Acct-EAP-Type 24 integer Microsoft + +ATTRIBUTE MS-CHAP2-Response 25 string Microsoft +ATTRIBUTE MS-CHAP2-Success 26 string Microsoft +ATTRIBUTE MS-CHAP2-CPW 27 string Microsoft + +ATTRIBUTE MS-Primary-DNS-Server 28 ipaddr Microsoft +ATTRIBUTE MS-Secondary-DNS-Server 29 ipaddr Microsoft +ATTRIBUTE MS-Primary-NBNS-Server 30 ipaddr Microsoft +ATTRIBUTE MS-Secondary-NBNS-Server 31 ipaddr Microsoft + +#ATTRIBUTE MS-ARAP-Challenge 33 string Microsoft + + +# +# Integer Translations +# + +# MS-BAP-Usage Values + +VALUE MS-BAP-Usage Not-Allowed 0 +VALUE MS-BAP-Usage Allowed 1 +VALUE MS-BAP-Usage Required 2 + +# MS-ARAP-Password-Change-Reason Values + +VALUE MS-ARAP-PW-Change-Reason Just-Change-Password 1 +VALUE MS-ARAP-PW-Change-Reason Expired-Password 2 +VALUE MS-ARAP-PW-Change-Reason Admin-Requires-Password-Change 3 +VALUE MS-ARAP-PW-Change-Reason Password-Too-Short 4 + +# MS-Acct-Auth-Type Values + +VALUE MS-Acct-Auth-Type PAP 1 +VALUE MS-Acct-Auth-Type CHAP 2 +VALUE MS-Acct-Auth-Type MS-CHAP-1 3 +VALUE MS-Acct-Auth-Type MS-CHAP-2 4 +VALUE MS-Acct-Auth-Type EAP 5 + +# MS-Acct-EAP-Type Values + +VALUE MS-Acct-EAP-Type MD5 4 +VALUE MS-Acct-EAP-Type OTP 5 +VALUE MS-Acct-EAP-Type Generic-Token-Card 6 +VALUE MS-Acct-EAP-Type TLS 13 + diff --git a/patches/source/ppp/realms b/patches/source/ppp/realms new file mode 100644 index 00000000..34403640 --- /dev/null +++ b/patches/source/ppp/realms @@ -0,0 +1,22 @@ +# /etc/radiusclient/realms +# +# Handle realm @netservers.co.uk on an internal RADIUS server +# (note the server must be told to strip the realm) + +#authserver netservers.co.uk 192.168.1.1:1812 +#acctserver netservers.co.uk 192.168.1.1:1813 + +# users in realm @example.com are handled by separate servers + +#authserver example.com 10.0.0.1:1812 +#acctserver example.com 10.0.0.2:1813 + +# the DEFAULT realm matches users that do not supply a realm + +#authserver DEFAULT 192.168.1.1:1812 +#acctserver DEFAULT 192.168.1.1:1813 + +# Any realms that do not match in the realms file automatically fall +# through to the standard radius plugin which uses the servers in the +# radiusclient.conf file. Note that this is different than the +# DEFAULT realm match, above. diff --git a/patches/source/ppp/servers b/patches/source/ppp/servers new file mode 100644 index 00000000..b061bf93 --- /dev/null +++ b/patches/source/ppp/servers @@ -0,0 +1,4 @@ +#Server Name or Client/Server pair Key +#---------------- --------------- +#portmaster.elemental.net hardlyasecret +#portmaster2.elemental.net donttellanyone diff --git a/patches/source/ppp/slack-desc b/patches/source/ppp/slack-desc new file mode 100644 index 00000000..ddf6f37f --- /dev/null +++ b/patches/source/ppp/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +ppp: ppp (Point-to-Point Protocol) +ppp: +ppp: The Point-to-Point Protocol (PPP) provides a method for transmitting +ppp: data over serial links. It's commonly used for connecting to the +ppp: Internet using a modem. This package includes the PPP daemon (pppd), +ppp: which negotiates with the peer to establish the link and sets up the +ppp: ppp network interface, and pppsetup, an easy-to-use utility for +ppp: setting up your PPP daemon. +ppp: +ppp: +ppp: diff --git a/patches/source/proftpd/doinst.sh b/patches/source/proftpd/doinst.sh new file mode 100644 index 00000000..37fe02dd --- /dev/null +++ b/patches/source/proftpd/doinst.sh @@ -0,0 +1,18 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/ftpusers.new +config etc/proftpd.conf.new + +# Remove any old proftpd files: +rm -f var/run/proftpd/proftpd* + diff --git a/patches/source/proftpd/etc/ftpusers b/patches/source/proftpd/etc/ftpusers new file mode 100644 index 00000000..d08f2a1f --- /dev/null +++ b/patches/source/proftpd/etc/ftpusers @@ -0,0 +1,22 @@ +# +# ftpusers This file describes the names of the users that may +# _*NOT*_ log into the system via the FTP server. +# This usually includes "root", "uucp", "news" and the +# like, because those users have too much power to be +# allowed to do "just" FTP... +# +# +# Version: @(#)/etc/ftpusers 3.00 02/25/2001 volkerdi +# +# Original Author: Fred N. van Kempen, +# +# The entire line gets matched, so no comments or extra characters on +# lines containing a username. +# +# To enable anonymous FTP, remove the "ftp" user: +ftp +root +uucp +news + +# End of ftpusers. diff --git a/patches/source/proftpd/etc/proftpd.conf b/patches/source/proftpd/etc/proftpd.conf new file mode 100644 index 00000000..ffb0df3f --- /dev/null +++ b/patches/source/proftpd/etc/proftpd.conf @@ -0,0 +1,74 @@ +# This is a basic ProFTPD configuration file. +# It establishes a single server and a single anonymous login. +# It assumes that you have a user/group "nobody" and "ftp" +# for normal/anonymous operation. + +ServerName "ProFTPD Default Installation" +#ServerType standalone +ServerType inetd +DefaultServer on + +# Port 21 is the standard FTP port. +Port 21 +# Umask 022 is a good standard umask to prevent new dirs and files +# from being group and world writable. +Umask 022 + +# To prevent DoS attacks, set the maximum number of child processes +# to 30. If you need to allow more than 30 concurrent connections +# at once, simply increase this value. Note that this ONLY works +# in standalone mode, in inetd mode you should use an inetd server +# that allows you to limit maximum number of processes per service +# (such as xinetd) +MaxInstances 30 + +# Set the user and group that the server normally runs at. +User nobody +Group nogroup + +# This next option is required for NIS or NIS+ to work properly: +#PersistentPasswd off + +SystemLog /var/log/proftpd.log +TransferLog /var/log/xferlog + +# Normally, we want files to be overwriteable. + + AllowOverwrite on + + +# A basic anonymous FTP server configuration. +# To enable this, remove the user ftp from /etc/ftpusers. + + RequireValidShell off + User ftp + Group ftp + # We want clients to be able to login with "anonymous" as well as "ftp" + UserAlias anonymous ftp + + # Limit the maximum number of anonymous logins + MaxClients 50 + + # We want 'welcome.msg' displayed at login, and '.message' displayed + # in each newly chdired directory. + DisplayLogin welcome.msg + DisplayChdir .message + + # Limit WRITE everywhere in the anonymous chroot + + DenyAll + + + # An upload directory that allows storing files but not retrieving + # or creating directories. +# +# +# DenyAll +# +# +# +# AllowAll +# +# + + diff --git a/patches/source/proftpd/proftpd.SlackBuild b/patches/source/proftpd/proftpd.SlackBuild new file mode 100755 index 00000000..a88f97e4 --- /dev/null +++ b/patches/source/proftpd/proftpd.SlackBuild @@ -0,0 +1,134 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2015 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=1.3.5e +DIRVER=1.3.5e +BUILD=${BUILD:-1_slack13.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-proftpd + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf proftpd-$VERSION +tar xvf $CWD/proftpd-$VERSION.tar.?z* || exit 1 +cd proftpd-$DIRVER || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --sysconfdir=/etc \ + --enable-autoshadow \ + --enable-ctrls \ + --enable-ipv6 \ + --localstatedir=/var/run \ + --with-modules=mod_readme:mod_ratio:mod_tls:mod_wrap:mod_ctrls_admin \ + --build=$ARCH-slackware-linux || exit 1 +# This caused funny messages about "Quotas off" with every FTP command, +# and mod_wrap gets a compile error: +# --with-modules= ... mod_quota ... + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# With no library to link against, these are useless: +rm -rf $PKG/usr/include +rm -f $PKG/etc/* +rmdir $PKG/usr/libexec 2> /dev/null + +cat $CWD/etc/proftpd.conf > $PKG/etc/proftpd.conf.new +cat $CWD/etc/ftpusers > $PKG/etc/ftpusers.new +mkdir -p $PKG/home/ftp + +gzip -9 $PKG/usr/man/man?/*.? + +mkdir -p $PKG/usr/doc/proftpd-$VERSION +cp -a COPYING CREDITS INSTALL NEWS README* \ + contrib/README.mod_wrap contrib/README.ratio \ + $PKG/usr/doc/proftpd-$VERSION +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/proftpd-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi +cp -a contrib/README $PKG/usr/doc/proftpd-$VERSION/README.contrib +cp -a doc sample-configurations $PKG/usr/doc/proftpd-$VERSION +# Bloat removal: +( cd $PKG/usr/doc + find . -name "*.sgml" -exec rm {} \; + find . -name "*.pdf" -exec rm {} \; +) +rmdir $PKG/usr/share/locale +rmdir $PKG/usr/share + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/proftpd-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/proftpd/slack-desc b/patches/source/proftpd/slack-desc new file mode 100644 index 00000000..5ed80ca9 --- /dev/null +++ b/patches/source/proftpd/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +proftpd: proftpd (FTP server daemon) +proftpd: +proftpd: ProFTPD is the Professional File Transfer Protocol (FTP) server +proftpd: daemon. ProFTPD grew out of the desire to have a secure and +proftpd: configurable FTP server, and out of a significant admiration of the +proftpd: Apache web server. +proftpd: +proftpd: +proftpd: +proftpd: +proftpd: diff --git a/patches/source/randrproto/arch.use.flags b/patches/source/randrproto/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/randrproto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/randrproto/build/randrproto b/patches/source/randrproto/build/randrproto new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/randrproto/build/randrproto @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/randrproto/configure/configure b/patches/source/randrproto/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/randrproto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/randrproto/modularize b/patches/source/randrproto/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/randrproto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/randrproto/noarch b/patches/source/randrproto/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/randrproto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/randrproto/package-blacklist b/patches/source/randrproto/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/randrproto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/randrproto/randrproto.SlackBuild b/patches/source/randrproto/randrproto.SlackBuild new file mode 100755 index 00000000..d9f6c69e --- /dev/null +++ b/patches/source/randrproto/randrproto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild proto randrproto +mv /tmp/x11-build/randrproto*txz /tmp diff --git a/patches/source/randrproto/slack-desc/randrproto b/patches/source/randrproto/slack-desc/randrproto new file mode 100644 index 00000000..f97ca095 --- /dev/null +++ b/patches/source/randrproto/slack-desc/randrproto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +randrproto: randrproto (C prototypes for RandR) +randrproto: +randrproto: RandR is the X11 Resize and Rotate Extension +randrproto: +randrproto: +randrproto: +randrproto: +randrproto: +randrproto: +randrproto: +randrproto: diff --git a/patches/source/randrproto/x11.SlackBuild b/patches/source/randrproto/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/randrproto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/rdesktop/rdesktop.CVE-2011-1595.diff b/patches/source/rdesktop/rdesktop.CVE-2011-1595.diff new file mode 100644 index 00000000..0db8c3bc --- /dev/null +++ b/patches/source/rdesktop/rdesktop.CVE-2011-1595.diff @@ -0,0 +1,22 @@ +--- ./disk.c.orig 2008-02-15 18:13:25.000000000 -0600 ++++ ./disk.c 2011-04-20 20:27:55.978000772 -0500 +@@ -356,6 +356,19 @@ + filename[strlen(filename) - 1] = 0; + sprintf(path, "%s%s", g_rdpdr_device[device_id].local_path, filename); + ++ /* Protect against mailicous servers: ++ somelongpath/.. not allowed ++ somelongpath/../b not allowed ++ somelongpath/..b in principle ok, but currently not allowed ++ somelongpath/b.. ok ++ somelongpath/b..b ok ++ somelongpath/b../c ok ++ */ ++ if (strstr(path, "/..")) ++ { ++ return RD_STATUS_ACCESS_DENIED; ++ } ++ + switch (create_disposition) + { + case CREATE_ALWAYS: diff --git a/patches/source/rdesktop/rdesktop.SlackBuild b/patches/source/rdesktop/rdesktop.SlackBuild new file mode 100755 index 00000000..153bb819 --- /dev/null +++ b/patches/source/rdesktop/rdesktop.SlackBuild @@ -0,0 +1,117 @@ +#!/bin/sh + +# Copyright 2006, 2008, 2009, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=rdesktop +VERSION=${VERSION:-1.6.0} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.bz2 || exit 1 +cd ${PKGNAM}-$VERSION || exit 1 + +zcat $CWD/rdesktop.CVE-2011-1595.diff.gz | patch -p1 --verbose || exit 1 + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Configure: +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-sound=alsa \ + --enable-smartcard \ + --mandir=/usr/man \ + --build=$ARCH-slackware-linux + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a \ + COPYING README \ + doc \ + $PKG/usr/doc/${PKGNAM}-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/rdesktop/slack-desc b/patches/source/rdesktop/slack-desc new file mode 100644 index 00000000..283da1cd --- /dev/null +++ b/patches/source/rdesktop/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +rdesktop: rdesktop (Remote Desktop Protocol client) +rdesktop: +rdesktop: rdesktop is a client for Remote Desktop Protocol (RDP), used in a +rdesktop: number of Microsoft products including Windows NT Terminal Server, +rdesktop: Windows 2000 Server, Windows XP, and Windows 2003 Server. +rdesktop: +rdesktop: For more information, see: http://www.rdesktop.org +rdesktop: +rdesktop: +rdesktop: +rdesktop: diff --git a/patches/source/recordproto/arch.use.flags b/patches/source/recordproto/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/recordproto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/recordproto/build/recordproto b/patches/source/recordproto/build/recordproto new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/recordproto/build/recordproto @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/recordproto/configure/configure b/patches/source/recordproto/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/recordproto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/recordproto/modularize b/patches/source/recordproto/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/recordproto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/recordproto/noarch b/patches/source/recordproto/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/recordproto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/recordproto/package-blacklist b/patches/source/recordproto/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/recordproto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/recordproto/recordproto.SlackBuild b/patches/source/recordproto/recordproto.SlackBuild new file mode 100755 index 00000000..84451032 --- /dev/null +++ b/patches/source/recordproto/recordproto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild proto recordproto +mv /tmp/x11-build/recordproto*txz /tmp diff --git a/patches/source/recordproto/slack-desc/recordproto b/patches/source/recordproto/slack-desc/recordproto new file mode 100644 index 00000000..4fc28e90 --- /dev/null +++ b/patches/source/recordproto/slack-desc/recordproto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +recordproto: recordproto (C prototypes for X Record Extension) +recordproto: +recordproto: recordproto is part of X11. +recordproto: +recordproto: For more information about the X.Org Foundation (the providers of the +recordproto: X.Org implementation of the X Window System), see their website: +recordproto: +recordproto: http://www.x.org +recordproto: +recordproto: +recordproto: diff --git a/patches/source/recordproto/x11.SlackBuild b/patches/source/recordproto/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/recordproto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/rsync/rsync.SlackBuild b/patches/source/rsync/rsync.SlackBuild new file mode 100755 index 00000000..16fdd466 --- /dev/null +++ b/patches/source/rsync/rsync.SlackBuild @@ -0,0 +1,110 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2018 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=rsync +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-rsync +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf rsync-$VERSION +tar xvf $CWD/rsync-$VERSION.tar.?z || exit 1 +cd rsync-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit + +mv $PKG/usr/share/man $PKG/usr +rmdir $PKG/usr/share + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1 | grep -v '\.gz$') ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/rsync-$VERSION/popt +cp -a \ + COPYING* INSTALL NEWS README* TODO tech_report.tex \ + support \ + $PKG/usr/doc/rsync-$VERSION +( cd popt + cp -a CHANGES COPYING README README.rsync $PKG/usr/doc/rsync-$VERSION/popt +) + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/rsync-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/rsync/slack-desc b/patches/source/rsync/slack-desc new file mode 100644 index 00000000..7e3b7089 --- /dev/null +++ b/patches/source/rsync/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +rsync: rsync (remote file sync) +rsync: +rsync: rsync is a replacement for rcp that has many more features. It +rsync: uses the "rsync algorithm" which provides a very fast method for +rsync: bringing remote files into sync. It does this by sending just the +rsync: differences in the files across the link, without requiring that both +rsync: sets of files are present at one of the ends of the link beforehand. +rsync: rsync was written by Andrew Tridgell and Paul Mackerras. +rsync: +rsync: Homepage: http://rsync.samba.org +rsync: diff --git a/patches/source/ruby/ruby.SlackBuild b/patches/source/ruby/ruby.SlackBuild new file mode 100755 index 00000000..78ffd772 --- /dev/null +++ b/patches/source/ruby/ruby.SlackBuild @@ -0,0 +1,130 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=ruby +VERSION=$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1,2 -d - | rev) +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-ruby + +if [ "$ARCH" = "i486" ]; then + # -O3 works around a compile failure due to a miniruby segfault + # when trying to build ruby with gcc-4.4 or newer. Evidently + # -O0 also works, but... + # other distributions also use -fno-strict-aliasing which helps stability + SLKCFLAGS="-march=i486 -mtune=i686 -O3 -fno-strict-aliasing" + OPTFLAGS=-O3 + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + # Unknown if s390 is needs -O3. Check to see if it compiles with -O2. + SLKCFLAGS="-O3 -fno-strict-aliasing" + OPTFLAGS=-O3 + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O3 -fPIC -fno-strict-aliasing" + OPTFLAGS=-O3 + LIBDIRSUFFIX="64" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf ruby-$VERSION +tar xvf $CWD/ruby-$VERSION.tar.?z* || exit 1 +cd ruby-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Evidently certain things must be linked static. +# Seems suboptimal to me... + +CFLAGS="$SLKCFLAGS" \ +optflags=$OPTFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --datadir=/usr/share \ + --docdir=/usr/doc/ruby-$VERSION \ + --enable-shared \ + --enable-pthread \ + --disable-install-capi \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +mkdir -p $PKG/usr/doc/ruby-$VERSION +cp -a \ + BSDL COPYING* *GPL* ChangeLog LEGAL NEWS README* ToDo \ + $PKG/usr/doc/ruby-$VERSION + +# The entire ChangeLog is excessive for most users: +cat $PKG/usr/doc/ruby-$VERSION/ChangeLog | head -n 1000 > $PKG/usr/doc/ruby-$VERSION/CL +mv $PKG/usr/doc/ruby-$VERSION/CL $PKG/usr/doc/ruby-$VERSION/ChangeLog + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +find $PKG | xargs file | grep -e "current ar archive" \ + | cut -f 1 -d : | xargs strip --strip-debug 2> /dev/null + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/ruby-$(echo $VERSION | tr - _)-$ARCH-$BUILD.txz + diff --git a/patches/source/ruby/slack-desc b/patches/source/ruby/slack-desc new file mode 100644 index 00000000..13ffd7a3 --- /dev/null +++ b/patches/source/ruby/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +ruby: ruby (Interpreted object-oriented scripting language) +ruby: +ruby: Ruby is an interpreted scripting language for quick and easy +ruby: object-oriented programming. It has many features to process text +ruby: files and to do system management tasks (as in Perl). It is simple, +ruby: straight-forward, and extensible. +ruby: +ruby: Visit the Ruby project online at http://www.ruby-lang.org/ +ruby: +ruby: +ruby: diff --git a/patches/source/rxvt/rxvt-integer-overflow-fix.patch b/patches/source/rxvt/rxvt-integer-overflow-fix.patch new file mode 100644 index 00000000..edb13856 --- /dev/null +++ b/patches/source/rxvt/rxvt-integer-overflow-fix.patch @@ -0,0 +1,11 @@ +--- rxvt-2.7.10/src/command.c 2003-03-26 07:01:23.000000000 +0100 ++++ rxvt-2.7.10-patched/src/command.c 2017-04-27 12:06:05.682072274 +0200 +@@ -2096,7 +2096,7 @@ + i = ch - CSI_ICH; + ndef = get_byte_array_bit(csi_defaults, i); + for (p = 0; p < nargs; p++) +- if (arg[p] == -1) ++ if (arg[p] < 0 || arg[p] > 30000) + arg[p] = ndef; + + #ifdef DEBUG_CMD diff --git a/patches/source/rxvt/rxvt.SlackBuild b/patches/source/rxvt/rxvt.SlackBuild new file mode 100755 index 00000000..5d029e85 --- /dev/null +++ b/patches/source/rxvt/rxvt.SlackBuild @@ -0,0 +1,127 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2012, 2017 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=rxvt +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-5_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i486 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +elif [ "$ARCH" = "armv7hl" ]; then + SLKCFLAGS="-O3 -march=armv7-a -mfpu=vfpv3-d16" +else + SLKCFLAGS="-O2" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-rxvt +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf rxvt-$VERSION +tar xvf $CWD/rxvt-$VERSION.tar.xz || exit 1 +cd rxvt-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/rxvt.utempter.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 + +# Patch for CVE-2017-7483: +zcat $CWD/rxvt-integer-overflow-fix.patch.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --enable-languages \ + --enable-utmp \ + --enable-wtmp \ + --enable-xpm-background \ + --enable-transparency \ + --enable-menubar \ + --enable-graphics \ + --enable-rxvt-scroll \ + --enable-next-scroll \ + --enable-xterm-scroll \ + --enable-xim \ + --enable-frills \ + --enable-linespace \ + --enable-24bit \ + --enable-keepscrolling \ + --enable-mousewheel \ + --enable-slipwheeling \ + --enable-xgetdefault \ + --enable-old-selection \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +rmdir $PKG/usr/lib $PKG/usr/include +rm $PKG/usr/bin/rxvt-$VERSION + +mkdir -p $PKG/usr/doc/rxvt-$VERSION +cp -a \ + rxvt-$VERSION.lsm doc rclock/rclock.html \ + $PKG/usr/doc/rxvt-$VERSION +rm -r $PKG/usr/doc/rxvt-$VERSION/doc/yodl + +gzip -9 $PKG/usr/man/man1/* + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/rxvt-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/rxvt/rxvt.utempter.diff b/patches/source/rxvt/rxvt.utempter.diff new file mode 100644 index 00000000..54e06f7a --- /dev/null +++ b/patches/source/rxvt/rxvt.utempter.diff @@ -0,0 +1,277 @@ +--- ./src/logging.c.orig 2002-12-15 16:33:04.000000000 -0800 ++++ ./src/logging.c 2003-06-07 21:08:52.000000000 -0700 +@@ -60,157 +60,7 @@ + void + rxvt_makeutent(rxvt_t *r, const char *pty, const char *hostname) + { +-#ifdef HAVE_STRUCT_UTMP +- struct utmp *ut = &(r->h->ut); +-#endif +-#ifdef HAVE_STRUCT_UTMPX +- struct utmpx *utx = &(r->h->utx); +-#endif +-#ifdef HAVE_UTMP_PID +- int i; +-#endif +- char ut_id[5]; +- struct passwd *pwent = getpwuid(getuid()); +- +- if (!STRNCMP(pty, "/dev/", 5)) +- pty += 5; /* skip /dev/ prefix */ +- +- if (!STRNCMP(pty, "pty", 3) || !STRNCMP(pty, "tty", 3)) { +- STRNCPY(ut_id, (pty + 3), sizeof(ut_id)); +- } +-#ifdef HAVE_UTMP_PID +- else if (sscanf(pty, "pts/%d", &i) == 1) +- sprintf(ut_id, "vt%02x", (i & 0xff)); /* sysv naming */ +-#endif +- else if (STRNCMP(pty, "pty", 3) && STRNCMP(pty, "tty", 3)) { +- rxvt_print_error("can't parse tty name \"%s\"", pty); +- return; +- } +- +-#ifdef HAVE_STRUCT_UTMP +- MEMSET(ut, 0, sizeof(struct utmp)); +-# ifdef HAVE_UTMP_PID +- setutent(); +- STRNCPY(ut->ut_id, ut_id, sizeof(ut->ut_id)); +- ut->ut_type = DEAD_PROCESS; +- getutid(ut); /* position to entry in utmp file */ +- STRNCPY(r->h->ut_id, ut_id, sizeof(r->h->ut_id)); +-# endif +-#endif +- +-#ifdef HAVE_STRUCT_UTMPX +- MEMSET(utx, 0, sizeof(struct utmpx)); +- setutxent(); +- STRNCPY(utx->ut_id, ut_id, sizeof(utx->ut_id)); +- utx->ut_type = DEAD_PROCESS; +- getutxid(utx); /* position to entry in utmp file */ +- STRNCPY(r->h->ut_id, ut_id, sizeof(r->h->ut_id)); +-#endif +- +-#ifdef HAVE_STRUCT_UTMP +- STRNCPY(ut->ut_line, pty, sizeof(ut->ut_line)); +- ut->ut_time = time(NULL); +-# ifdef HAVE_UTMP_PID +- STRNCPY(ut->ut_user, (pwent && pwent->pw_name) ? pwent->pw_name : "?", +- sizeof(ut->ut_user)); +- STRNCPY(ut->ut_id, ut_id, sizeof(ut->ut_id)); +- ut->ut_time = time(NULL); +- ut->ut_pid = r->h->cmd_pid; +-# ifdef HAVE_UTMP_HOST +- STRNCPY(ut->ut_host, hostname, sizeof(ut->ut_host)); +-# endif +- ut->ut_type = USER_PROCESS; +- pututline(ut); +- endutent(); /* close the file */ +- r->h->utmp_pos = -1; +-# else +- STRNCPY(ut->ut_name, (pwent && pwent->pw_name) ? pwent->pw_name : "?", +- sizeof(ut->ut_name)); +-# ifdef HAVE_UTMP_HOST +- STRNCPY(ut->ut_host, hostname, sizeof(ut->ut_host)); +-# endif +-# endif +-#endif +- +-#ifdef HAVE_STRUCT_UTMPX +- STRNCPY(utx->ut_line, pty, sizeof(utx->ut_line)); +- STRNCPY(utx->ut_user, (pwent && pwent->pw_name) ? pwent->pw_name : "?", +- sizeof(utx->ut_user)); +- STRNCPY(utx->ut_id, ut_id, sizeof(utx->ut_id)); +- utx->ut_session = getsid(0); +- utx->ut_tv.tv_sec = time(NULL); +- utx->ut_tv.tv_usec = 0; +- utx->ut_pid = r->h->cmd_pid; +-# ifdef HAVE_UTMPX_HOST +- STRNCPY(utx->ut_host, hostname, sizeof(utx->ut_host)); +-# if 0 +- { +- char *colon; +- +- if ((colon = STRRCHR(ut->ut_host, ':')) != NULL) +- *colon = '\0'; +- } +-# endif +-# endif +- utx->ut_type = USER_PROCESS; +- pututxline(utx); +- endutxent(); /* close the file */ +- r->h->utmp_pos = -1; +-#endif +- +-#if defined(HAVE_STRUCT_UTMP) && !defined(HAVE_UTMP_PID) +- { +- int i; +-# ifdef HAVE_TTYSLOT +- i = ttyslot(); +- if (rxvt_write_bsd_utmp(i, ut)) +- r->h->utmp_pos = i; +-# else +- FILE *fd0; +- +- if ((fd0 = fopen(TTYTAB_FILENAME, "r")) != NULL) { +- char buf[256], name[256]; +- +- buf[sizeof(buf) - 1] = '\0'; +- for (i = 1; (fgets(buf, sizeof(buf) - 1, fd0) != NULL);) { +- if (*buf == '#' || sscanf(buf, "%s", name) != 1) +- continue; +- if (!STRCMP(ut->ut_line, name)) { +- if (!rxvt_write_bsd_utmp(i, ut)) +- i = 0; +- r->h->utmp_pos = i; +- fclose(fd0); +- break; +- } +- i++; +- } +- fclose(fd0); +- } +-# endif +- } +-#endif +- +-#ifdef WTMP_SUPPORT +-# ifdef WTMP_ONLY_ON_LOGIN +- if (r->Options & Opt_loginShell) +-# endif +- { +-# ifdef HAVE_STRUCT_UTMP +-# ifdef HAVE_UPDWTMP +- updwtmp(RXVT_WTMP_FILE, ut); +-# else +- rxvt_update_wtmp(RXVT_WTMP_FILE, ut); +-# endif +-# endif +-# ifdef HAVE_STRUCT_UTMPX +- updwtmpx(RXVT_WTMPX_FILE, utx); +-# endif +- } +-#endif +-#if defined(LASTLOG_SUPPORT) && defined(RXVT_LASTLOG_FILE) +- if (r->Options & Opt_loginShell) +- rxvt_update_lastlog(RXVT_LASTLOG_FILE, pty, hostname); +-#endif ++ addToUtmp(pty, NULL, r->cmd_fd); + } + + /* ------------------------------------------------------------------------- */ +@@ -221,85 +71,7 @@ + void + rxvt_cleanutent(rxvt_t *r) + { +-#ifdef HAVE_STRUCT_UTMP +- struct utmp *tmput, *ut = &(r->h->ut); +-#endif +-#ifdef HAVE_STRUCT_UTMPX +- struct utmpx *tmputx, *utx = &(r->h->utx); +-#endif +- +-#ifdef HAVE_STRUCT_UTMP +-# ifdef HAVE_UTMP_PID +- MEMSET(ut, 0, sizeof(struct utmp)); +- setutent(); +- STRNCPY(ut->ut_id, r->h->ut_id, sizeof(ut->ut_id)); +- ut->ut_type = USER_PROCESS; +- if ((tmput = getutid(ut))) /* position to entry in utmp file */ +- ut = tmput; +- ut->ut_type = DEAD_PROCESS; +-# else +- MEMSET(ut->ut_name, 0, sizeof(ut->ut_name)); +-# ifdef HAVE_UTMP_HOST +- MEMSET(ut->ut_host, 0, sizeof(ut->ut_host)); +-# endif +-# endif +- ut->ut_time = time(NULL); +-#endif +- +-#ifdef HAVE_STRUCT_UTMPX +- MEMSET(utx, 0, sizeof(struct utmpx)); +- setutxent(); +- STRNCPY(utx->ut_id, r->h->ut_id, sizeof(utx->ut_id)); +- utx->ut_type = USER_PROCESS; +- if ((tmputx = getutxid(utx))) /* position to entry in utmp file */ +- utx = tmputx; +- utx->ut_type = DEAD_PROCESS; +- utx->ut_session = getsid(0); +- utx->ut_tv.tv_sec = time(NULL); +- utx->ut_tv.tv_usec = 0; +-#endif +- +- /* +- * Write ending wtmp entry +- */ +-#ifdef WTMP_SUPPORT +-# ifdef WTMP_ONLY_ON_LOGIN +- if (r->Options & Opt_loginShell) +-# endif +- { +-# ifdef HAVE_STRUCT_UTMP +-# ifdef HAVE_UPDWTMP +- updwtmp(RXVT_WTMP_FILE, ut); +-# else +- rxvt_update_wtmp(RXVT_WTMP_FILE, ut); +-# endif +-# endif +-# ifdef HAVE_STRUCT_UTMPX +- updwtmpx(RXVT_WTMPX_FILE, utx); +-# endif +- } +-#endif +- +- /* +- * Write utmp entry +- */ +-#ifdef HAVE_STRUCT_UTMP +-# ifdef HAVE_UTMP_PID +- if (ut->ut_pid == r->h->cmd_pid) +- pututline(ut); +- endutent(); +-# else +- if (r->h->utmp_pos > 0) { +- MEMSET(ut, 0, sizeof(struct utmp)); +- rxvt_write_bsd_utmp(r->h->utmp_pos, ut); +- } +-# endif +-#endif +-#ifdef HAVE_STRUCT_UTMPX +- if (utx->ut_pid == r->h->cmd_pid) +- pututxline(utx); +- endutxent(); +-#endif ++ removeFromUtmp(); + } + + /* ------------------------------------------------------------------------- */ +--- ./src/init.c.orig 2002-12-03 21:21:39.000000000 -0800 ++++ ./src/init.c 2003-06-07 21:09:26.000000000 -0700 +@@ -858,6 +858,7 @@ + rxvt_print_error("aborting"); + exit(EXIT_FAILURE); + } ++ rxvt_privileged_utmp(r, SAVE); + } + + /*----------------------------------------------------------------------*/ +@@ -1364,7 +1365,6 @@ + #endif + r->num_fds++; /* counts from 0 */ + +- rxvt_privileged_utmp(r, SAVE); + return cfd; + } + +--- ./autoconf/Make.common.in.orig 2001-11-29 19:22:56.000000000 -0800 ++++ ./autoconf/Make.common.in 2003-06-07 21:08:52.000000000 -0700 +@@ -68,7 +68,7 @@ + + LIBTOOL = @LIBTOOL@ + COMPILE = $(CC) $(DEFS) $(INCLUDES) $(CPPFLAGS) $(CFLAGS) $(DEBUG) $(DINCLUDE) $(XINC) -I$(basedir) -I$(srcdir) -I. +-LINK = $(CC) $(CFLAGS) $(LDFLAGS) ++LINK = $(CC) $(CFLAGS) $(LDFLAGS) -lutempter -lutil + + # End of common section of the Makefile + #------------------------------------------------------------------------- diff --git a/patches/source/rxvt/slack-desc b/patches/source/rxvt/slack-desc new file mode 100644 index 00000000..5f278d61 --- /dev/null +++ b/patches/source/rxvt/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +rxvt: rxvt (terminal emulator) +rxvt: +rxvt: rxvt is a color vt102 terminal emulator intended as an xterm +rxvt: replacement for users who do not require features such as Tektronix +rxvt: 4014 emulation and toolkit-style configurability. As a result, rxvt +rxvt: uses much less memory -- a significant advantage on a machine serving +rxvt: many X sessions. Also included is rclock, an analog clock for X. +rxvt: +rxvt: +rxvt: +rxvt: diff --git a/patches/source/samba/doinst.sh b/patches/source/samba/doinst.sh new file mode 100644 index 00000000..c7b358ed --- /dev/null +++ b/patches/source/samba/doinst.sh @@ -0,0 +1,16 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/rc.d/rc.samba.new +# This won't be needed. The point here is to preserve the permissions of the existing +# file, if there is one. I don't see major new development happening in rc.samba... ;-) +rm -f etc/rc.d/rc.samba.new diff --git a/patches/source/samba/prune-samba.sh b/patches/source/samba/prune-samba.sh new file mode 100755 index 00000000..a6106df3 --- /dev/null +++ b/patches/source/samba/prune-samba.sh @@ -0,0 +1,33 @@ +#!/bin/sh + +# Copyright 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# Pare down the Samba sources to just Samba3 for now, and drop redundant docs. +# This script expects the samba sources to be unpacked in the current +# directory. It will then "pare" them. You'll be expected to repack them +# afterwards. + +cd samba-?.?.? || cd samba-?.?.?? || exit 1 + +rm --verbose WHATSNEW4.txt howto-ol-backend-s4.txt howto4.txt prog_guide4.txt +rm -r --verbose docs-xml packaging4 source4 swat2* +rm --verbose docs/*.pdf + diff --git a/patches/source/samba/rc.samba b/patches/source/samba/rc.samba new file mode 100644 index 00000000..2a28f3e5 --- /dev/null +++ b/patches/source/samba/rc.samba @@ -0,0 +1,45 @@ +#!/bin/sh +# +# /etc/rc.d/rc.samba +# +# Start/stop/restart the Samba SMB file/print server. +# +# To make Samba start automatically at boot, make this +# file executable: chmod 755 /etc/rc.d/rc.samba +# + +samba_start() { + if [ -x /usr/sbin/smbd -a -x /usr/sbin/nmbd -a -r /etc/samba/smb.conf ]; then + echo "Starting Samba: /usr/sbin/smbd -D" + /usr/sbin/smbd -D + echo " /usr/sbin/nmbd -D" + /usr/sbin/nmbd -D + fi +} + +samba_stop() { + killall smbd nmbd +} + +samba_restart() { + samba_stop + sleep 2 + samba_start +} + +case "$1" in +'start') + samba_start + ;; +'stop') + samba_stop + ;; +'restart') + samba_restart + ;; +*) + # Default is "start", for backwards compatibility with previous + # Slackware versions. This may change to a 'usage' error someday. + samba_start +esac + diff --git a/patches/source/samba/samba-4.6.3-4.5.9-4.4.13-CVE-2017-7494.patch b/patches/source/samba/samba-4.6.3-4.5.9-4.4.13-CVE-2017-7494.patch new file mode 100644 index 00000000..34b44373 --- /dev/null +++ b/patches/source/samba/samba-4.6.3-4.5.9-4.4.13-CVE-2017-7494.patch @@ -0,0 +1,34 @@ +From d2bc9f3afe23ee04d237ae9f4511fbe59a27ff54 Mon Sep 17 00:00:00 2001 +From: Volker Lendecke +Date: Mon, 8 May 2017 21:40:40 +0200 +Subject: [PATCH] CVE-2017-7494: rpc_server3: Refuse to open pipe names with / + inside + +Bug: https://bugzilla.samba.org/show_bug.cgi?id=12780 + +Signed-off-by: Volker Lendecke +Reviewed-by: Jeremy Allison +Reviewed-by: Stefan Metzmacher +--- + source3/rpc_server/srv_pipe.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c +index 0633b5f..c3f0cd8 100644 +--- a/source3/rpc_server/srv_pipe.c ++++ b/source3/rpc_server/srv_pipe.c +@@ -475,6 +475,11 @@ bool is_known_pipename(const char *pipename, struct ndr_syntax_id *syntax) + { + NTSTATUS status; + ++ if (strchr(pipename, '/')) { ++ DEBUG(1, ("Refusing open on pipe %s\n", pipename)); ++ return false; ++ } ++ + if (lp_disable_spoolss() && strequal(pipename, "spoolss")) { + DEBUG(10, ("refusing spoolss access\n")); + return false; +-- +1.9.1 + diff --git a/patches/source/samba/samba.SlackBuild b/patches/source/samba/samba.SlackBuild new file mode 100755 index 00000000..8963db9a --- /dev/null +++ b/patches/source/samba/samba.SlackBuild @@ -0,0 +1,233 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo samba-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-samba +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf samba-$VERSION +tar xvf $CWD/samba-$VERSION.tar.xz || exit 1 +cd samba-$VERSION || exit 1 + +if [ ! -d source3/lib/cmdline ]; then + ( cd source3/lib + mkdir cmdline + cd cmdline + ln -sf ../../../source3/include/popt_common.h . ) +fi + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Patch CVE-2017-7494: +cat $CWD/samba-4.6.3-4.5.9-4.4.13-CVE-2017-7494.patch | patch -p1 --verbose || exit 1 + +cd source3 +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +# Some of these options could be auto-detected, but declaring them +# here doesn't hurt and helps document what features we're trying to +# build in. +# +# LDFLAGS are needed to avoid problems with missing symbols. +LDFLAGS="-Wl,--no-as-needed" \ +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --bindir=/usr/bin \ + --sbindir=/usr/sbin \ + --mandir=/usr/man \ + --sysconfdir=/etc \ + --with-configdir=/etc/samba \ + --with-piddir=/var/run \ + --with-privatedir=/etc/samba/private \ + --localstatedir=/var \ + --with-lockdir=/var/cache/samba \ + --with-swatdir=/usr/share/swat \ + --with-logfilebase=/var/log/samba \ + --enable-cups \ + --enable-external-libtalloc=no \ + --enable-static=no \ + --enable-shared=yes \ + --with-acl-support=yes \ + --with-automount \ + --with-cifsmount \ + --with-cifsumount \ + --with-quotas \ + --with-syslog \ + --with-utmp \ + --with-libsmbclient \ + --with-winbind \ + --with-ldap \ + --build=$ARCH-slackware-linux + # Using with-fhs overrides our libdir, and besides we are already hard-coding + # directories. So, now we define them all explicitly... + #--with-fhs \ + +# -j options don't seem to work... +make || exit 1 + +mkdir -p \ + $PKG/usr/doc/samba-$VERSION \ + $PKG/var/spool/samba \ + $PKG/var/log/samba \ + $PKG/etc/samba/private \ + $PKG/var/cache/samba +chmod 700 $PKG/etc/samba/private +chmod 1777 $PKG/var/spool/samba + +make install-everything DESTDIR=$PKG || exit 1 + +# Install libnss_win* libraries: +mkdir -p $PKG/lib${LIBDIRSUFFIX} +cp -a ../nsswitch/libnss_winbind.so $PKG/lib${LIBDIRSUFFIX}/libnss_winbind.so.2 +cp -a ../nsswitch/libnss_wins.so $PKG/lib${LIBDIRSUFFIX}/libnss_wins.so.2 +( cd $PKG/lib${LIBDIRSUFFIX} + ln -sf libnss_winbind.so.2 libnss_winbind.so + ln -sf libnss_wins.so.2 libnss_wins.so +) + +# Install a pkgconfig file for libtalloc: +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig +if [ ! -r $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/talloc.pc ]; then + cat $CWD/talloc.pc | sed -e "s/\/lib/\/lib${LIBDIRSUFFIX}/" > $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/talloc.pc +fi + +## Make sure that other programs can link against libsmbclient: +#( cd $PKG/usr/lib${LIBDIRSUFFIX} +# for FILE in samba/libsmbclient.so* ; do +# ln -sf $FILE +# done +#) + +# Add some (u)mount links: +mkdir -p $PKG/sbin +( cd $PKG/sbin + # SMBFS is obsolete in the kernel now -- use mount.cifs + #rm -f mount.smbfs ; ln -sf /usr/bin/smbmount mount.smbfs + # Add a wrapper script from Debian that's included in the upstream Samba + # sources to help out people (like me ;-) who don't read every speck of + # documentation: + cat $TMP/samba-$VERSION/examples/scripts/mount/mount.smbfs > mount.smbfs + chmod 755 $PKG/sbin/mount.smbfs + # I suppose this wouldn't be the worst idea in the world, either: + ( cd $PKG/usr/bin ; ln -sf /sbin/mount.smbfs smbmount ) + rm -f mount.cifs ; ln -sf /usr/sbin/mount.cifs mount.cifs + # smbumount was giving me problems so it seems wise to play it safe + #rm -f umount.smbfs ; ln -sf /usr/bin/smbumount umount.smbfs + #rm -f umount.cifs ; ln -sf /usr/sbin/umount.cifs umount.cifs +) + +# Add a sample config file: +cat $CWD/smb.conf.default > $PKG/etc/samba/smb.conf-sample + +if [ ! -r $PKG/usr/bin/smbget ]; then + rm -f $PKG/usr/share/man/man1/smbget.1 + rm -f $PKG/usr/share/swat/help/smbget.1.html +fi + +# We'll add rc.samba to the init directory, but chmod 644 so that it doesn't +# start by default: +mkdir -p $PKG/etc/rc.d +cat $CWD/rc.samba > $PKG/etc/rc.d/rc.samba.new +chmod 644 $PKG/etc/rc.d/rc.samba.new + +mv $PKG/usr/share/man $PKG/usr +gzip -9 $PKG/usr/man/man?/*.? + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# PAM related stuff we don't use: +rm -r $PKG/usr/share/locale +rm -f $PKG/usr/man/man8/pam* + +cd .. +cp -a \ + COPYING* MAINTAINERS Manifest PFIF.txt README* \ + Read-Manifest-Now Roadmap WHATSNEW.txt docs examples \ + $PKG/usr/doc/samba-$VERSION +# These are installed elsewhere: +rm -rf $PKG/usr/doc/samba-$VERSION/docs/htmldocs \ + $PKG/usr/doc/samba-$VERSION/docs/manpages +mkdir -p $PKG/usr/doc/samba-$VERSION/docs +( cd $PKG/usr/doc/samba-$VERSION/docs + ln -sf /usr/share/swat/help htmldocs +) +# I'm sorry, but when all this info is included in HTML, adding 7MB worth of +# PDF files just to have extra artwork is more fluff than I'll agree to. +rm -f $PKG/usr/doc/samba-$VERSION/docs/*.pdf +# Also redundant also: +rm -rf $PKG/usr/doc/samba-$VERSION/docs/docbook + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cat << EOF + +*** Be sure the package contains: + +drwx------ 2 root root 1024 Mar 12 13:21 /etc/samba/private +drwxr-xr-x 2 root root 4096 May 3 15:46 /var/cache/samba/ +drwxr-xr-x 2 root root 48 Aug 29 13:06 /var/log/samba/ +drwxrwxrwt 2 root root 1024 Mar 12 13:21 /var/spool/samba/ + +EOF + +cd $PKG +/sbin/makepkg -l y -c n $TMP/samba-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/samba/slack-desc b/patches/source/samba/slack-desc new file mode 100644 index 00000000..c06b485d --- /dev/null +++ b/patches/source/samba/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +samba: samba (SMB/CIFS file and print server) +samba: +samba: Samba is an SMB/CIFS file and print server for SMB and CIFS clients. +samba: It allows you to make file space or printers on a Samba host +samba: available to SMB/CIFS clients (such as PCs running Windows). +samba: +samba: If you have any Windows file servers, you may be able to replace them +samba: or supplement them with Samba. One of Samba's big strengths is +samba: integration, so you can use it to tie together your Linux hosts and +samba: Windows PC clients. +samba: diff --git a/patches/source/samba/smb.conf.default b/patches/source/samba/smb.conf.default new file mode 100644 index 00000000..44ba134f --- /dev/null +++ b/patches/source/samba/smb.conf.default @@ -0,0 +1,271 @@ +# This is the main Samba configuration file. You should read the +# smb.conf(5) manual page in order to understand the options listed +# here. Samba has a huge number of configurable options (perhaps too +# many!) most of which are not shown in this example +# +# For a step to step guide on installing, configuring and using samba, +# read the Samba-HOWTO-Collection. This may be obtained from: +# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf +# +# Many working examples of smb.conf files can be found in the +# Samba-Guide which is generated daily and can be downloaded from: +# http://www.samba.org/samba/docs/Samba-Guide.pdf +# +# Any line which starts with a ; (semi-colon) or a # (hash) +# is a comment and is ignored. In this example we will use a # +# for commentry and a ; for parts of the config file that you +# may wish to enable +# +# NOTE: Whenever you modify this file you should run the command "testparm" +# to check that you have not made any basic syntactic errors. +# +#======================= Global Settings ===================================== +[global] + +# workgroup = NT-Domain-Name or Workgroup-Name, eg: LINUX2 + workgroup = MYGROUP + +# server string is the equivalent of the NT Description field + server string = Samba Server + +# Security mode. Defines in which mode Samba will operate. Possible +# values are share, user, server, domain and ads. Most people will want +# user level security. See the Samba-HOWTO-Collection for details. + security = user + +# This option is important for security. It allows you to restrict +# connections to machines which are on your local network. The +# following example restricts access to two C class networks and +# the "loopback" interface. For more examples of the syntax see +# the smb.conf man page +; hosts allow = 192.168.1. 192.168.2. 127. + +# If you want to automatically load your printer list rather +# than setting them up individually then you'll need this + load printers = yes + +# you may wish to override the location of the printcap file +; printcap name = /etc/printcap + +# on SystemV system setting printcap name to lpstat should allow +# you to automatically obtain a printer list from the SystemV spool +# system +; printcap name = lpstat + +# It should not be necessary to specify the print system type unless +# it is non-standard. Currently supported print systems include: +# bsd, cups, sysv, plp, lprng, aix, hpux, qnx +; printing = cups + +# Uncomment this if you want a guest account, you must add this to /etc/passwd +# otherwise the user "nobody" is used +; guest account = pcguest + +# this tells Samba to use a separate log file for each machine +# that connects + log file = /var/log/samba.%m + +# Put a capping on the size of the log files (in Kb). + max log size = 50 + +# Use password server option only with security = server +# The argument list may include: +# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] +# or to auto-locate the domain controller/s +# password server = * +; password server = + +# Use the realm option only with security = ads +# Specifies the Active Directory realm the host is part of +; realm = MY_REALM + +# Backend to store user information in. New installations should +# use either tdbsam or ldapsam. smbpasswd is available for backwards +# compatibility. tdbsam requires no further configuration. +; passdb backend = tdbsam + +# Using the following line enables you to customise your configuration +# on a per machine basis. The %m gets replaced with the netbios name +# of the machine that is connecting. +# Note: Consider carefully the location in the configuration file of +# this line. The included file is read at that point. +; include = /usr/local/samba/lib/smb.conf.%m + +# Configure Samba to use multiple interfaces +# If you have multiple network interfaces then you must list them +# here. See the man page for details. +; interfaces = 192.168.12.2/24 192.168.13.2/24 + +# Browser Control Options: +# set local master to no if you don't want Samba to become a master +# browser on your network. Otherwise the normal election rules apply +; local master = no + +# OS Level determines the precedence of this server in master browser +# elections. The default value should be reasonable +; os level = 33 + +# Domain Master specifies Samba to be the Domain Master Browser. This +# allows Samba to collate browse lists between subnets. Don't use this +# if you already have a Windows NT domain controller doing this job +; domain master = yes + +# Preferred Master causes Samba to force a local browser election on startup +# and gives it a slightly higher chance of winning the election +; preferred master = yes + +# Enable this if you want Samba to be a domain logon server for +# Windows95 workstations. +; domain logons = yes + +# if you enable domain logons then you may want a per-machine or +# per user logon script +# run a specific logon batch file per workstation (machine) +; logon script = %m.bat +# run a specific logon batch file per username +; logon script = %U.bat + +# Where to store roving profiles (only for Win95 and WinNT) +# %L substitutes for this servers netbios name, %U is username +# You must uncomment the [Profiles] share below +; logon path = \\%L\Profiles\%U + +# Windows Internet Name Serving Support Section: +# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server +; wins support = yes + +# WINS Server - Tells the NMBD components of Samba to be a WINS Client +# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both +; wins server = w.x.y.z + +# WINS Proxy - Tells Samba to answer name resolution queries on +# behalf of a non WINS capable client, for this to work there must be +# at least one WINS Server on the network. The default is NO. +; wins proxy = yes + +# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names +# via DNS nslookups. The default is NO. + dns proxy = no + +# These scripts are used on a domain controller or stand-alone +# machine to add or delete corresponding unix accounts +; add user script = /usr/sbin/useradd %u +; add group script = /usr/sbin/groupadd %g +; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u +; delete user script = /usr/sbin/userdel %u +; delete user from group script = /usr/sbin/deluser %u %g +; delete group script = /usr/sbin/groupdel %g + + +#============================ Share Definitions ============================== +[homes] + comment = Home Directories + browseable = no + writable = yes + +# Un-comment the following and create the netlogon directory for Domain Logons +; [netlogon] +; comment = Network Logon Service +; path = /usr/local/samba/lib/netlogon +; guest ok = yes +; writable = no +; share modes = no + + +# Un-comment the following to provide a specific roving profile share +# the default is to use the user's home directory +;[Profiles] +; path = /usr/local/samba/profiles +; browseable = no +; guest ok = yes + + +# NOTE: If you have a BSD-style print system there is no need to +# specifically define each individual printer +[printers] + comment = All Printers + path = /var/spool/samba + browseable = no +# Set public = yes to allow user 'guest account' to print + guest ok = no + writable = no + printable = yes + +# This one is useful for people to share files +;[tmp] +; comment = Temporary file space +; path = /tmp +; read only = no +; public = yes + +# A publicly accessible directory, but read only, except for people in +# the "staff" group +;[public] +; comment = Public Stuff +; path = /home/samba +; public = yes +; writable = no +; printable = no +; write list = @staff + +# Other examples. +# +# A private printer, usable only by fred. Spool data will be placed in fred's +# home directory. Note that fred must have write access to the spool directory, +# wherever it is. +;[fredsprn] +; comment = Fred's Printer +; valid users = fred +; path = /homes/fred +; printer = freds_printer +; public = no +; writable = no +; printable = yes + +# A private directory, usable only by fred. Note that fred requires write +# access to the directory. +;[fredsdir] +; comment = Fred's Service +; path = /usr/somewhere/private +; valid users = fred +; public = no +; writable = yes +; printable = no + +# a service which has a different directory for each machine that connects +# this allows you to tailor configurations to incoming machines. You could +# also use the %U option to tailor it by user name. +# The %m gets replaced with the machine name that is connecting. +;[pchome] +; comment = PC Directories +; path = /usr/pc/%m +; public = no +; writable = yes + +# A publicly accessible directory, read/write to all users. Note that all files +# created in the directory by users will be owned by the default user, so +# any user with access can delete any other user's files. Obviously this +# directory must be writable by the default user. Another user could of course +# be specified, in which case all files would be owned by that user instead. +;[public] +; path = /usr/somewhere/else/public +; public = yes +; only guest = yes +; writable = yes +; printable = no + +# The following two entries demonstrate how to share a directory so that two +# users can place files there that will be owned by the specific users. In this +# setup, the directory should be writable by both users and should have the +# sticky bit set on it to prevent abuse. Obviously this could be extended to +# as many users as required. +;[myshare] +; comment = Mary's and Fred's stuff +; path = /usr/somewhere/shared +; valid users = mary fred +; public = no +; writable = yes +; printable = no +; create mask = 0765 + + diff --git a/patches/source/samba/smb.conf.default.orig b/patches/source/samba/smb.conf.default.orig new file mode 100644 index 00000000..b4e3d63e --- /dev/null +++ b/patches/source/samba/smb.conf.default.orig @@ -0,0 +1,271 @@ +# This is the main Samba configuration file. You should read the +# smb.conf(5) manual page in order to understand the options listed +# here. Samba has a huge number of configurable options (perhaps too +# many!) most of which are not shown in this example +# +# For a step to step guide on installing, configuring and using samba, +# read the Samba-HOWTO-Collection. This may be obtained from: +# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf +# +# Many working examples of smb.conf files can be found in the +# Samba-Guide which is generated daily and can be downloaded from: +# http://www.samba.org/samba/docs/Samba-Guide.pdf +# +# Any line which starts with a ; (semi-colon) or a # (hash) +# is a comment and is ignored. In this example we will use a # +# for commentry and a ; for parts of the config file that you +# may wish to enable +# +# NOTE: Whenever you modify this file you should run the command "testparm" +# to check that you have not made any basic syntactic errors. +# +#======================= Global Settings ===================================== +[global] + +# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH + workgroup = MYGROUP + +# server string is the equivalent of the NT Description field + server string = Samba Server + +# Security mode. Defines in which mode Samba will operate. Possible +# values are share, user, server, domain and ads. Most people will want +# user level security. See the Samba-HOWTO-Collection for details. + security = user + +# This option is important for security. It allows you to restrict +# connections to machines which are on your local network. The +# following example restricts access to two C class networks and +# the "loopback" interface. For more examples of the syntax see +# the smb.conf man page +; hosts allow = 192.168.1. 192.168.2. 127. + +# If you want to automatically load your printer list rather +# than setting them up individually then you'll need this + load printers = yes + +# you may wish to override the location of the printcap file +; printcap name = /etc/printcap + +# on SystemV system setting printcap name to lpstat should allow +# you to automatically obtain a printer list from the SystemV spool +# system +; printcap name = lpstat + +# It should not be necessary to specify the print system type unless +# it is non-standard. Currently supported print systems include: +# bsd, cups, sysv, plp, lprng, aix, hpux, qnx +; printing = cups + +# Uncomment this if you want a guest account, you must add this to /etc/passwd +# otherwise the user "nobody" is used +; guest account = pcguest + +# this tells Samba to use a separate log file for each machine +# that connects + log file = /usr/local/samba/var/log.%m + +# Put a capping on the size of the log files (in Kb). + max log size = 50 + +# Use password server option only with security = server +# The argument list may include: +# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] +# or to auto-locate the domain controller/s +# password server = * +; password server = + +# Use the realm option only with security = ads +# Specifies the Active Directory realm the host is part of +; realm = MY_REALM + +# Backend to store user information in. New installations should +# use either tdbsam or ldapsam. smbpasswd is available for backwards +# compatibility. tdbsam requires no further configuration. +; passdb backend = tdbsam + +# Using the following line enables you to customise your configuration +# on a per machine basis. The %m gets replaced with the netbios name +# of the machine that is connecting. +# Note: Consider carefully the location in the configuration file of +# this line. The included file is read at that point. +; include = /usr/local/samba/lib/smb.conf.%m + +# Configure Samba to use multiple interfaces +# If you have multiple network interfaces then you must list them +# here. See the man page for details. +; interfaces = 192.168.12.2/24 192.168.13.2/24 + +# Browser Control Options: +# set local master to no if you don't want Samba to become a master +# browser on your network. Otherwise the normal election rules apply +; local master = no + +# OS Level determines the precedence of this server in master browser +# elections. The default value should be reasonable +; os level = 33 + +# Domain Master specifies Samba to be the Domain Master Browser. This +# allows Samba to collate browse lists between subnets. Don't use this +# if you already have a Windows NT domain controller doing this job +; domain master = yes + +# Preferred Master causes Samba to force a local browser election on startup +# and gives it a slightly higher chance of winning the election +; preferred master = yes + +# Enable this if you want Samba to be a domain logon server for +# Windows95 workstations. +; domain logons = yes + +# if you enable domain logons then you may want a per-machine or +# per user logon script +# run a specific logon batch file per workstation (machine) +; logon script = %m.bat +# run a specific logon batch file per username +; logon script = %U.bat + +# Where to store roving profiles (only for Win95 and WinNT) +# %L substitutes for this servers netbios name, %U is username +# You must uncomment the [Profiles] share below +; logon path = \\%L\Profiles\%U + +# Windows Internet Name Serving Support Section: +# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server +; wins support = yes + +# WINS Server - Tells the NMBD components of Samba to be a WINS Client +# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both +; wins server = w.x.y.z + +# WINS Proxy - Tells Samba to answer name resolution queries on +# behalf of a non WINS capable client, for this to work there must be +# at least one WINS Server on the network. The default is NO. +; wins proxy = yes + +# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names +# via DNS nslookups. The default is NO. + dns proxy = no + +# These scripts are used on a domain controller or stand-alone +# machine to add or delete corresponding unix accounts +; add user script = /usr/sbin/useradd %u +; add group script = /usr/sbin/groupadd %g +; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u +; delete user script = /usr/sbin/userdel %u +; delete user from group script = /usr/sbin/deluser %u %g +; delete group script = /usr/sbin/groupdel %g + + +#============================ Share Definitions ============================== +[homes] + comment = Home Directories + browseable = no + writable = yes + +# Un-comment the following and create the netlogon directory for Domain Logons +; [netlogon] +; comment = Network Logon Service +; path = /usr/local/samba/lib/netlogon +; guest ok = yes +; writable = no +; share modes = no + + +# Un-comment the following to provide a specific roving profile share +# the default is to use the user's home directory +;[Profiles] +; path = /usr/local/samba/profiles +; browseable = no +; guest ok = yes + + +# NOTE: If you have a BSD-style print system there is no need to +# specifically define each individual printer +[printers] + comment = All Printers + path = /usr/spool/samba + browseable = no +# Set public = yes to allow user 'guest account' to print + guest ok = no + writable = no + printable = yes + +# This one is useful for people to share files +;[tmp] +; comment = Temporary file space +; path = /tmp +; read only = no +; public = yes + +# A publicly accessible directory, but read only, except for people in +# the "staff" group +;[public] +; comment = Public Stuff +; path = /home/samba +; public = yes +; writable = no +; printable = no +; write list = @staff + +# Other examples. +# +# A private printer, usable only by fred. Spool data will be placed in fred's +# home directory. Note that fred must have write access to the spool directory, +# wherever it is. +;[fredsprn] +; comment = Fred's Printer +; valid users = fred +; path = /homes/fred +; printer = freds_printer +; public = no +; writable = no +; printable = yes + +# A private directory, usable only by fred. Note that fred requires write +# access to the directory. +;[fredsdir] +; comment = Fred's Service +; path = /usr/somewhere/private +; valid users = fred +; public = no +; writable = yes +; printable = no + +# a service which has a different directory for each machine that connects +# this allows you to tailor configurations to incoming machines. You could +# also use the %U option to tailor it by user name. +# The %m gets replaced with the machine name that is connecting. +;[pchome] +; comment = PC Directories +; path = /usr/pc/%m +; public = no +; writable = yes + +# A publicly accessible directory, read/write to all users. Note that all files +# created in the directory by users will be owned by the default user, so +# any user with access can delete any other user's files. Obviously this +# directory must be writable by the default user. Another user could of course +# be specified, in which case all files would be owned by that user instead. +;[public] +; path = /usr/somewhere/else/public +; public = yes +; only guest = yes +; writable = yes +; printable = no + +# The following two entries demonstrate how to share a directory so that two +# users can place files there that will be owned by the specific users. In this +# setup, the directory should be writable by both users and should have the +# sticky bit set on it to prevent abuse. Obviously this could be extended to +# as many users as required. +;[myshare] +; comment = Mary's and Fred's stuff +; path = /usr/somewhere/shared +; valid users = mary fred +; public = no +; writable = yes +; printable = no +; create mask = 0765 + + diff --git a/patches/source/samba/smb.conf.diff b/patches/source/samba/smb.conf.diff new file mode 100644 index 00000000..3573a8f0 --- /dev/null +++ b/patches/source/samba/smb.conf.diff @@ -0,0 +1,29 @@ +--- smb.conf.default.orig 2009-09-30 07:17:40.000000000 -0500 ++++ smb.conf.default 2009-10-03 15:59:26.000000000 -0500 +@@ -22,7 +22,7 @@ + #======================= Global Settings ===================================== + [global] + +-# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH ++# workgroup = NT-Domain-Name or Workgroup-Name, eg: LINUX2 + workgroup = MYGROUP + + # server string is the equivalent of the NT Description field +@@ -63,7 +63,7 @@ + + # this tells Samba to use a separate log file for each machine + # that connects +- log file = /usr/local/samba/var/log.%m ++ log file = /var/log/samba.%m + + # Put a capping on the size of the log files (in Kb). + max log size = 50 +@@ -184,7 +184,7 @@ + # specifically define each individual printer + [printers] + comment = All Printers +- path = /usr/spool/samba ++ path = /var/spool/samba + browseable = no + # Set public = yes to allow user 'guest account' to print + guest ok = no diff --git a/patches/source/samba/talloc.pc b/patches/source/samba/talloc.pc new file mode 100644 index 00000000..7a23835c --- /dev/null +++ b/patches/source/samba/talloc.pc @@ -0,0 +1,11 @@ +prefix=/usr +exec_prefix=${prefix} +libdir=${exec_prefix}/lib +includedir=${prefix}/include + +Name: talloc +Description: A hierarchical pool based memory system with destructors +Version: 2.0.1 +Libs: -L${libdir} -ltalloc +Cflags: -I${includedir} +URL: http://talloc.samba.org/ diff --git a/patches/source/sdl/sdl-1.2.14-fix-mouse-clicking.patch b/patches/source/sdl/sdl-1.2.14-fix-mouse-clicking.patch new file mode 100644 index 00000000..7d3e5acf --- /dev/null +++ b/patches/source/sdl/sdl-1.2.14-fix-mouse-clicking.patch @@ -0,0 +1,23 @@ +--- SDL-1.2.14/src/video/x11/SDL_x11events.c.orig 2010-04-08 11:57:05.003169834 -0700 ++++ SDL-1.2.14/src/video/x11/SDL_x11events.c 2010-04-08 12:33:51.690926340 -0700 +@@ -423,12 +423,15 @@ + if ( xevent.xcrossing.mode == NotifyUngrab ) + printf("Mode: NotifyUngrab\n"); + #endif +- if ( this->input_grab == SDL_GRAB_OFF ) { +- posted = SDL_PrivateAppActive(1, SDL_APPMOUSEFOCUS); ++ if ( (xevent.xcrossing.mode != NotifyGrab) && ++ (xevent.xcrossing.mode != NotifyUngrab) ) { ++ if ( this->input_grab == SDL_GRAB_OFF ) { ++ posted = SDL_PrivateAppActive(1, SDL_APPMOUSEFOCUS); ++ } ++ posted = SDL_PrivateMouseMotion(0, 0, ++ xevent.xcrossing.x, ++ xevent.xcrossing.y); + } +- posted = SDL_PrivateMouseMotion(0, 0, +- xevent.xcrossing.x, +- xevent.xcrossing.y); + } + break; + diff --git a/patches/source/sdl/sdl.SlackBuild b/patches/source/sdl/sdl.SlackBuild new file mode 100755 index 00000000..04df6110 --- /dev/null +++ b/patches/source/sdl/sdl.SlackBuild @@ -0,0 +1,253 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=${VERSION:-$(echo SDL-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +IMAGE=${IMAGE:-$(echo SDL_image-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +MIXER=${MIXER:-$(echo SDL_mixer-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +NET=${NET:-$(echo SDL_net-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +TTF=${TTF:-$(echo SDL_ttf-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} + +BUILD=${BUILD:-3_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-sdl + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf sdl-$VERSION +tar xf $CWD/SDL-$VERSION.tar.?z* || exit 1 +cd SDL-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/sdl.linux-2.6.31.input_absinfo.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/sdl-1.2.14-fix-mouse-clicking.patch.gz | patch -p1 --verbose || exit 1 + +# We must use --disable-x11-shared or programs linked with SDL will +# crash on machines that use the closed source nVidia drivers. + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --disable-arts \ + --disable-esd \ + --enable-shared=yes \ + --enable-static=no \ + --disable-x11-shared + +make $NUMJOBS || make || exit 1 + +# Spam /, for mixer/image later on: +make install +# install to package: +make install DESTDIR=$PKG || exit 1 +mkdir -p $PKG/usr/doc/SDL-$VERSION/html +cp -a docs/index.html $PKG/usr/doc/SDL-$VERSION +cp -a docs/html/*.html $PKG/usr/doc/SDL-$VERSION/html +cp -a \ + BUGS COPYING CREDITS INSTALL README* TODO WhatsNew \ + $PKG/usr/doc/SDL-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Add SDL_image: +cd $TMP +rm -rf SDL_image-$IMAGE +tar xf $CWD/SDL_image-$IMAGE.tar.?z* || exit 1 +cd SDL_image-$IMAGE +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# we don't want sdl to load the libs with dlopen(), gcc is smarter... +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --enable-shared=yes \ + --enable-static=no \ + --enable-jpg-shared=no \ + --enable-png-shared=no \ + --enable-tif-shared=no + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 +mkdir -p $PKG/usr/doc/SDL_image-$IMAGE +cp -a \ + CHANGES COPYING README \ + $PKG/usr/doc/SDL_image-$IMAGE + +# Add SDL_mixer: +cd $TMP +rm -rf SDL_mixer-$MIXER +tar xf $CWD/SDL_mixer-$MIXER.tar.?z* || exit 1 +cd SDL_mixer-$MIXER + +# Fix default library path. Don't use /usr/local, and use lib64 where needed: +sed -i "s,usr/local/lib,usr/lib${LIBDIRSUFFIX},g" timidity/config.h + +# Install patched static libmikmod: +unzip libmikmod-3.1.12.zip +( cd libmikmod-3.1.12.patched + ./configure \ + --prefix=/usr/local \ + --libdir=/usr/local/lib${LIBDIRSUFFIX} \ + --with-pic \ + --enable-shared=no \ + --enable-static=yes + make $NUMJOBS || make || exit 1 + make install +) + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --enable-music-mod \ + --enable-shared=yes \ + --enable-static=no + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +mkdir -p $PKG/usr/doc/SDL_mixer-$MIXER +cp -a \ + CHANGES COPYING README \ + $PKG/usr/doc/SDL_mixer-$MIXER + +# We do not want to try to pull in -lmikmod, since that was linked static: +sed -i -e "s/ -lmikmod//g" $PKG/usr/lib${LIBDIRSUFFIX}/libSDL_mixer.la + +# Add SDL_net: +cd $TMP +rm -rf SDL_net-$NET +tar xf $CWD/SDL_net-$NET.tar.?z* || exit 1 +cd SDL_net-$NET +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --enable-shared=yes \ + --enable-static=no + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +mkdir -p $PKG/usr/doc/SDL_net-$NET +cp -a \ + CHANGES COPYING README \ + $PKG/usr/doc/SDL_net-$NET + +# Add SDL_ttf: +cd $TMP +rm -rf SDL_ttf-$TTF +tar xf $CWD/SDL_ttf-$TTF.tar.?z* || exit 1 +cd SDL_ttf-$TTF + +#zcat $CWD/SDL_ttf-2.0.8-noftinternals.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --enable-shared=yes \ + --enable-static=no + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +mkdir -p $PKG/usr/doc/SDL_ttf-$TTF +cp -a \ + CHANGES COPYING README \ + $PKG/usr/doc/SDL_ttf-$TTF + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +gzip -9 $PKG/usr/man/man?/*.? + +cd $PKG +/sbin/makepkg -l y -c n $TMP/sdl-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/sdl/sdl.linux-2.6.31.input_absinfo.diff b/patches/source/sdl/sdl.linux-2.6.31.input_absinfo.diff new file mode 100644 index 00000000..685007ab --- /dev/null +++ b/patches/source/sdl/sdl.linux-2.6.31.input_absinfo.diff @@ -0,0 +1,38 @@ +--- SDL-1.2.14/src/joystick/linux/SDL_sysjoystick.c 2011-01-23 23:23:31.865198998 +0100 ++++ SDL-1.2.14/src/joystick/linux/SDL_sysjoystick.c.org 2011-01-23 23:28:12.427198998 +0100 +@@ -700,26 +700,26 @@ + continue; + } + if ( test_bit(i, absbit) ) { +- int values[5]; ++ struct input_absinfo absinfo; + +- if ( ioctl(fd, EVIOCGABS(i), values) < 0 ) ++ if ( ioctl(fd, EVIOCGABS(i), &absinfo) < 0 ) + continue; + #ifdef DEBUG_INPUT_EVENTS + printf("Joystick has absolute axis: %x\n", i); + printf("Values = { %d, %d, %d, %d, %d }\n", +- values[0], values[1], +- values[2], values[3], values[4]); ++ absinfo.value, absinfo.minimum, ++ absinfo.maximum, absinfo.fuzz, absinfo.flat); + #endif /* DEBUG_INPUT_EVENTS */ + joystick->hwdata->abs_map[i] = joystick->naxes; +- if ( values[1] == values[2] ) { ++ if ( absinfo.minimum == absinfo.maximum ) { + joystick->hwdata->abs_correct[i].used = 0; + } else { + joystick->hwdata->abs_correct[i].used = 1; + joystick->hwdata->abs_correct[i].coef[0] = +- (values[2] + values[1]) / 2 - values[4]; ++ (absinfo.maximum + absinfo.minimum) / 2 - absinfo.flat; + joystick->hwdata->abs_correct[i].coef[1] = +- (values[2] + values[1]) / 2 + values[4]; +- t = ((values[2] - values[1]) / 2 - 2 * values[4]); ++ (absinfo.maximum + absinfo.minimum) / 2 + absinfo.flat; ++ t = ((absinfo.maximum - absinfo.minimum) / 2 - 2 * absinfo.flat); + if ( t != 0 ) { + joystick->hwdata->abs_correct[i].coef[2] = (1 << 29) / t; + } else { + diff --git a/patches/source/sdl/slack-desc b/patches/source/sdl/slack-desc new file mode 100644 index 00000000..1d5d5c01 --- /dev/null +++ b/patches/source/sdl/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +sdl: sdl (Simple DirectMedia Layer library) +sdl: +sdl: This is the Simple DirectMedia Layer, a generic API that provides low +sdl: level access to audio, keyboard, mouse, joystick, 3D hardware via +sdl: OpenGL, and 2D framebuffer across multiple platforms. +sdl: +sdl: SDL links against alsa-lib, arts, audiofile, esound, and the X11 +sdl: libraries. Make sure all of these are installed if you're planning to +sdl: use SDL (a full installation will cover all of the prerequisites). +sdl: +sdl: diff --git a/patches/source/seamonkey/doinst.sh b/patches/source/seamonkey/doinst.sh new file mode 100644 index 00000000..c236bea5 --- /dev/null +++ b/patches/source/seamonkey/doinst.sh @@ -0,0 +1,11 @@ +# If there's no mozilla here, then take over: +if [ ! -r usr/bin/mozilla ]; then + ( cd usr/bin ; ln -sf seamonkey mozilla ) +fi +# Hopefully this won't break everything. ;-) +if ! grep /usr/lib/seamonkey etc/ld.so.conf 1> /dev/null 2> /dev/null ; then + echo "/usr/lib/seamonkey" >> etc/ld.so.conf +fi +if [ -x /sbin/ldconfig ]; then + /sbin/ldconfig 2> /dev/null +fi diff --git a/patches/source/seamonkey/pkgconfig/seamonkey-gtkmozembed.pc b/patches/source/seamonkey/pkgconfig/seamonkey-gtkmozembed.pc new file mode 100644 index 00000000..e5053267 --- /dev/null +++ b/patches/source/seamonkey/pkgconfig/seamonkey-gtkmozembed.pc @@ -0,0 +1,11 @@ +prefix=/usr +exec_prefix=/usr +libdir=/usr/@LIB@/seamonkey-@VERSION@ +includedir=/usr/include/seamonkey-@VERSION@ + +Name: Mozilla Gtk Embedding Widget +Description: Mozilla Embedding Widget for Gtk+ +Version: @VERSION@ +Requires: seamonkey-xpcom = @VERSION@ +Libs: -L${libdir} -lgtkembedmoz +Cflags: -I${includedir}/gtkembedmoz diff --git a/patches/source/seamonkey/pkgconfig/seamonkey-js.pc b/patches/source/seamonkey/pkgconfig/seamonkey-js.pc new file mode 100644 index 00000000..31433be2 --- /dev/null +++ b/patches/source/seamonkey/pkgconfig/seamonkey-js.pc @@ -0,0 +1,11 @@ +prefix=/usr +exec_prefix=/usr +libdir=/usr/@LIB@/seamonkey-@VERSION@ +includedir=/usr/include/seamonkey-@VERSION@ + +Name: JavaScript +Description: The Mozilla JavaScript Library +Version: @VERSION@ +Requires: seamonkey-nspr >= 4.7.1 +Libs: -L${libdir} -lmozjs +Cflags: -I${includedir}/js -DXP_UNIX -DJS_THREADSAFE diff --git a/patches/source/seamonkey/pkgconfig/seamonkey-nspr.pc b/patches/source/seamonkey/pkgconfig/seamonkey-nspr.pc new file mode 100644 index 00000000..756e996d --- /dev/null +++ b/patches/source/seamonkey/pkgconfig/seamonkey-nspr.pc @@ -0,0 +1,12 @@ +prefix=/usr +exec_prefix=/usr +libdir=/usr/@LIB@/seamonkey-@VERSION@ +includedir=/usr/include/seamonkey-@VERSION@ + +Name: NSPR +Description: The Netscape Portable Runtime +Version: 4.7.1 +Libs: -L/usr/@LIB@/seamonkey-@VERSION@ -lplds4 -lplc4 -lnspr4 -lpthread -ldl +Cflags: -I/usr/include/seamonkey-@VERSION@/nspr + + diff --git a/patches/source/seamonkey/pkgconfig/seamonkey-nss.pc b/patches/source/seamonkey/pkgconfig/seamonkey-nss.pc new file mode 100644 index 00000000..b929f202 --- /dev/null +++ b/patches/source/seamonkey/pkgconfig/seamonkey-nss.pc @@ -0,0 +1,11 @@ +prefix=/usr +exec_prefix=/usr +libdir=/usr/@LIB@/seamonkey-@VERSION@ +includedir=/usr/include/seamonkey-@VERSION@ + +Name: NSS +Description: Mozilla Network Security Services +Version: @VERSION@ +Requires: seamonkey-nspr >= 4.7.1 +Libs: -L${libdir} -lnss3 -lsmime3 -lssl3 -lsoftokn3 +Cflags: -I${includedir}/nss diff --git a/patches/source/seamonkey/pkgconfig/seamonkey-plugin.pc b/patches/source/seamonkey/pkgconfig/seamonkey-plugin.pc new file mode 100644 index 00000000..4550444a --- /dev/null +++ b/patches/source/seamonkey/pkgconfig/seamonkey-plugin.pc @@ -0,0 +1,10 @@ +prefix=/usr +exec_prefix=/usr +libdir=/usr/@LIB@/seamonkey-@VERSION@ +includedir=/usr/include/seamonkey-@VERSION@ + +Name: Mozilla Plug-In API +Description: Mozilla Plug-In API +Version: @VERSION@ +Requires: seamonkey-nspr >= 4.7.1 +Cflags: -I${includedir}/java -I${includedir}/plugin diff --git a/patches/source/seamonkey/pkgconfig/seamonkey-xpcom.pc b/patches/source/seamonkey/pkgconfig/seamonkey-xpcom.pc new file mode 100644 index 00000000..53200567 --- /dev/null +++ b/patches/source/seamonkey/pkgconfig/seamonkey-xpcom.pc @@ -0,0 +1,12 @@ +prefix=/usr +exec_prefix=/usr +libdir=/usr/@LIB@/seamonkey-@VERSION@ +includedir=/usr/include/seamonkey-@VERSION@ +idldir=/usr/share/idl/seamonkey-@VERSION@ + +Name: XPCOM +Description: The Mozilla Cross Platform Component Library +Version: @VERSION@ +Requires: seamonkey-nspr >= 4.7.1 +Libs: -L${libdir} -lxpcom +Cflags: -I${includedir} -I${includedir}/xpcom -I${includedir}/string diff --git a/patches/source/seamonkey/seamonkey-icon.png b/patches/source/seamonkey/seamonkey-icon.png new file mode 100644 index 00000000..824ab7a5 Binary files /dev/null and b/patches/source/seamonkey/seamonkey-icon.png differ diff --git a/patches/source/seamonkey/seamonkey-mail-icon.png b/patches/source/seamonkey/seamonkey-mail-icon.png new file mode 100644 index 00000000..123b077b Binary files /dev/null and b/patches/source/seamonkey/seamonkey-mail-icon.png differ diff --git a/patches/source/seamonkey/seamonkey-mail.desktop b/patches/source/seamonkey/seamonkey-mail.desktop new file mode 100644 index 00000000..1e0b62b1 --- /dev/null +++ b/patches/source/seamonkey/seamonkey-mail.desktop @@ -0,0 +1,8 @@ +[Desktop Entry] +Name=SeaMonkey Mail +Comment=Read Mail with SeaMonkey +Exec=/usr/bin/seamonkey -mail +Icon=/usr/share/pixmaps/seamonkey-mail-icon.png +Terminal=0 +Type=Application +Categories=Application;Network; diff --git a/patches/source/seamonkey/seamonkey.SlackBuild b/patches/source/seamonkey/seamonkey.SlackBuild new file mode 100755 index 00000000..b2c411b0 --- /dev/null +++ b/patches/source/seamonkey/seamonkey.SlackBuild @@ -0,0 +1,234 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=${VERSION:-$(basename $(ls seamonkey-*.tar.* | cut -d - -f 2 | rev | cut -f 3- -d . | rev) .source)} +BUILD=${BUILD:-1_slack13.1} +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-seamonkey +rm -rf $PKG +mkdir -p $TMP $PKG/usr + +cd $TMP +rm -rf comm-1.9.1 +tar xvf $CWD/seamonkey-${VERSION}.source.tar.?z* || exit 1 +cd comm-1.9.1 || exit 1 + +# Make sure the perms/ownerships are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Fix a long standing bug that's prevented staying current on GTK+. +# Thanks to the BLFS folks. :-) +cat >> mozilla/layout/build/Makefile.in << EOF + +ifdef MOZ_ENABLE_CANVAS +EXTRA_DSO_LDOPTS += \$(XLDFLAGS) -lX11 -lXrender +endif + +EOF + +chown -R root:root . +BUILD_OFFICIAL=1 MOZILLA_OFFICIAL=1 \ +./configure --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --enable-optimize=-O2 \ + --disable-debug \ + --with-default-mozilla-five-home=/usr/lib${LIBDIRSUFFIX}/seamonkey-${VERSION} \ + --enable-strip \ + --disable-tests \ + --enable-svg \ + --enable-system-cairo \ + --enable-canvas \ + --disable-short-wchar \ + --enable-nspr-autoconf \ + --enable-extensions=default,irc \ + --enable-crypto \ + --disable-xprint \ + --without-system-nspr \ + --with-system-zlib \ + --with-system-jpeg \ + --with-system-mng \ + --enable-application=suite \ + --enable-xft \ + --host=$ARCH-slackware-linux \ + --target=$ARCH-slackware-linux \ + --build=$ARCH-slackware-linux + + # --with-system-png +make $NUMJOBS || exit 1 +DESTDIR=$PKG make install || exit 1 + +# Install js/nspr/nss headers. +for includedir in js nspr nspr/obsolete nspr/private nss plugin xpcom ; do + mkdir -p $PKG/usr/include/seamonkey-${VERSION}/$includedir + cp -aL mozilla/dist/include/${includedir}/*.h $PKG/usr/include/seamonkey-${VERSION}/$includedir +done +cp -aL mozilla/dist/include/js/*.tbl mozilla/dist/include/js/*.msg $PKG/usr/include/seamonkey-${VERSION}/js +cp -aL mozilla/dist/include/*.h $PKG/usr/include/seamonkey-${VERSION} +cp -aL mozilla/dist/sdk/include/* $PKG/usr/include/seamonkey-${VERSION} +( cd $PKG/usr/include/seamonkey-${VERSION}/plugin + for file in ../j*.h ; do + ln -sf $file . + done +) +chown -R root:root $PKG/usr/include/seamonkey-${VERSION} +find $PKG/usr/include/seamonkey-${VERSION} -name "*.h" -type f -exec chmod 644 {} \; +# Create a more generic include files symlink: +( cd $PKG/usr/include + if [ ! -e seamonkey ]; then + ln -sf seamonkey-${VERSION} seamonkey + fi +) + +# Install pkgconfig files: +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig +for file in $CWD/pkgconfig/* ; do +cat $file \ + | sed -e "s/@LIB@/lib${LIBDIRSUFFIX}/" \ + -e "s/@VERSION@/$VERSION/" \ + > $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/$(basename $file) +done + +# Add symlinks for the pkgconfig files: +( cd $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig + ln -s seamonkey-js.pc js.pc + ln -s seamonkey-nspr.pc nspr.pc + ln -s seamonkey-nss.pc nss.pc + ln -s seamonkey-plugin.pc plugin.pc + ln -s seamonkey-xpcom.pc xpcom.pc +) + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Strip files: +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# This remains the standard plugin directory for all browsers. +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/mozilla/plugins + +# This is traditional. +( cd $PKG/usr/lib${LIBDIRSUFFIX} + if [ ! -e seamonkey ]; then + ln -sf seamonkey-${VERSION} seamonkey + fi +) + +mkdir -p $PKG/usr/share/applications +cp -a $CWD/*.desktop $PKG/usr/share/applications +chown -R root:root $PKG/usr/share/applications +chmod 644 $PKG/usr/share/applications/* +mkdir -p $PKG/usr/share/pixmaps +cp -a $CWD/*.png $PKG/usr/share/pixmaps +chown -R root:root $PKG/usr/share/pixmaps +chmod 644 $PKG/usr/share/pixmaps/* + +mkdir -p $PKG/usr/doc/seamonkey-$VERSION +( cd mozilla + cp -a \ + LEGAL LICENSE README.txt \ + $PKG/usr/doc/seamonkey-$VERSION +) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + > $PKG/install/doinst.sh + +cd $TMP/package-seamonkey +/sbin/makepkg -l y -c n -p $TMP/seamonkey-$VERSION-$ARCH-$BUILD.txz + +# Create a standalone seamonkey-solibs package for RPM, gxine, etc. +rm -r $TMP/package-seamonkey-solibs +mkdir -p $TMP/package-seamonkey-solibs/usr/doc +cp -a $PKG/usr/doc/seamonkey-$VERSION $TMP/package-seamonkey-solibs/usr/doc +mkdir -p $TMP/package-seamonkey-solibs/usr/lib${LIBDIRSUFFIX}/seamonkey-${VERSION} +for file in libfreebl3.chk libfreebl3.so libmozjs.so libnspr4.so libnss3.so \ + libnssckbi.so libnssutil3.so libplc4.so libplds4.so libsmime3.so \ + libsoftokn3.chk libsoftokn3.so libssl3.so ; do + cp -a $PKG/usr/lib${LIBDIRSUFFIX}/seamonkey-${VERSION}/$file \ + $TMP/package-seamonkey-solibs/usr/lib${LIBDIRSUFFIX}/seamonkey-${VERSION} +done +mkdir $TMP/package-seamonkey-solibs/install +cat << EOF | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $TMP/package-seamonkey-solibs/install/doinst.sh +( cd usr/lib ; rm -rf seamonkey ) +( cd usr/lib ; ln -sf seamonkey-$VERSION seamonkey ) +if ! grep /usr/lib/seamonkey etc/ld.so.conf 1> /dev/null 2> /dev/null ; then + echo "/usr/lib/seamonkey" >> etc/ld.so.conf +fi +if [ -x /sbin/ldconfig ]; then + /sbin/ldconfig 2> /dev/null +fi +EOF +cat << EOF > $TMP/package-seamonkey-solibs/install/slack-desc + |-----handy-ruler------------------------------------------------------| +seamonkey-solibs: seamonkey-solibs (Shared libraries from Seamonkey) +seamonkey-solibs: +seamonkey-solibs: This package contains a subset of the shared libraries from Seamonkey +seamonkey-solibs: to provide runtime support for programs that require nss, nspr, and +seamonkey-solibs: js. These libraries are used in programs like RPM and gxine, and can +seamonkey-solibs: be used in others. This package is built from the Seamonkey sources +seamonkey-solibs: and is provided as a standalone runtime package for people who do not +seamonkey-solibs: want to install the entire seamonkey package (as for server use). +seamonkey-solibs: +seamonkey-solibs: This package is runtime only. The include files and other files for +seamonkey-solibs: development can be found in the seamonkey package. +EOF +cd $TMP/package-seamonkey-solibs +/sbin/makepkg -l y -c n -p $TMP/seamonkey-solibs-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/seamonkey/seamonkey.desktop b/patches/source/seamonkey/seamonkey.desktop new file mode 100644 index 00000000..7c988a76 --- /dev/null +++ b/patches/source/seamonkey/seamonkey.desktop @@ -0,0 +1,8 @@ +[Desktop Entry] +Name=SeaMonkey +Comment=Web Browser +Exec=/usr/bin/seamonkey +Icon=/usr/share/pixmaps/seamonkey-icon.png +Terminal=0 +Type=Application +Categories=Application;Network; diff --git a/patches/source/seamonkey/slack-desc b/patches/source/seamonkey/slack-desc new file mode 100644 index 00000000..af6ee240 --- /dev/null +++ b/patches/source/seamonkey/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +seamonkey: SeaMonkey (an open-source web browser suite) +seamonkey: +seamonkey: The SeaMonkey browser suite. SeaMonkey features a state-of-the-art +seamonkey: web browser and powerful email client, as well as a WYSIWYG web page +seamonkey: composer and a feature-rich IRC chat client. +seamonkey: +seamonkey: +seamonkey: +seamonkey: Visit the SeaMonkey project at this URL: +seamonkey: http://www.mozilla.org/projects/seamonkey/ +seamonkey: diff --git a/patches/source/sendmail/Build b/patches/source/sendmail/Build new file mode 100644 index 00000000..21950d49 --- /dev/null +++ b/patches/source/sendmail/Build @@ -0,0 +1,29 @@ +#!/bin/sh +# Copyright 2004 Slackware Linux, Inc. Concord, CA 94520 +# Copyright 2007, 2008 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# + +# A script to build .cf files from .mc files: + +for mcfile in $* ; do + /usr/bin/m4 /usr/share/sendmail/cf/m4/cf.m4 $mcfile > $(basename $mcfile .mc).cf +done + diff --git a/patches/source/sendmail/SlackBuild-sendmail b/patches/source/sendmail/SlackBuild-sendmail new file mode 100755 index 00000000..2f1ab33e --- /dev/null +++ b/patches/source/sendmail/SlackBuild-sendmail @@ -0,0 +1,168 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=8.14.9 +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-sendmail + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +# Explode the package framework: +cd $PKG +explodepkg $CWD/_sendmail.tar.gz +[ -n "${LIBDIRSUFFIX}" ] && mv $PKG/usr/lib $PKG/usr/lib${LIBDIRSUFFIX} + +echo "+=================+" +echo "| sendmail.$VERSION |" +echo "+=================+" +OSCPU="`uname -srm | tr ' ' '.'`" +cd $TMP +rm -rf sendmail-$VERSION +tar xvf $CWD/sendmail.$VERSION.tar.gz || exit 1 +cd sendmail-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Add TLS support to the sendmail binary: +cat $CWD/site.config.m4 > devtools/Site/site.config.m4 + +# Build .cf files for Linux: +cd $TMP/sendmail-$VERSION/cf/cf +cp $CWD/*.mc . +cp linux.uucp.mc config.mc +sh Build config.cf +mv config.cf $PKG/usr/share/sendmail/linux.uucp.cf +cp sendmail-slackware.mc config.mc +sh Build config.cf +mv config.cf $PKG/usr/share/sendmail/sendmail-slackware.cf +cp sendmail-slackware-tls.mc config.mc +sh Build config.cf +mv config.cf $PKG/usr/share/sendmail/sendmail-slackware-tls.cf +cp sendmail-slackware-tls-sasl.mc config.mc +sh Build config.cf +mv config.cf $PKG/usr/share/sendmail/sendmail-slackware-tls-sasl.cf + +# Add a sample sendmail.cf: +cat $PKG/usr/share/sendmail/sendmail-slackware.cf > $PKG/etc/mail/sendmail.cf.new +cat submit.cf > $PKG/etc/mail/submit.cf.new + +cd $TMP/sendmail-$VERSION +## All "Build" does is call make while screwing up the options :-) +## sh Build +make O="$SLKCFLAGS" +#O="$SLKCFLAGS" sh Build +cat sendmail/mailq.1 | gzip -9c > $PKG/usr/man/man1/mailq.1.gz +cat sendmail/newaliases.1 | gzip -9c > $PKG/usr/man/man1/newaliases.1.gz +mkdir -p $PKG/usr/doc/sendmail-$VERSION +cp -a \ + FAQ INSTALL KNOWNBUGS LICENSE PGPKEYS README RELEASE_NOTES \ + $PKG/usr/doc/sendmail-$VERSION +( cd doc ; cp -a op $PKG/usr/doc/sendmail-$VERSION ) + +cd obj.$OSCPU/sendmail +cat sendmail > $PKG/usr/sbin/sendmail.new +cat aliases.5 | gzip -9c > $PKG/usr/man/man5/aliases.5.gz +cat sendmail.8 | gzip -9c > $PKG/usr/man/man8/sendmail.8.gz +cat statistics > $PKG/etc/mail/statistics +cat ../../sendmail/helpfile > $PKG/etc/mail/helpfile +cd ../makemap +cat makemap > $PKG/usr/sbin/makemap +cat makemap.8 | gzip -9c > $PKG/usr/man/man8/makemap.8.gz +cd ../mailstats +cat mailstats > $PKG/usr/sbin/mailstats +cat mailstats.8 | gzip -9c > $PKG/usr/man/man8/mailstats.8.gz +cd ../praliases +cat praliases > $PKG/usr/bin/praliases +chmod 755 $PKG/usr/bin/praliases +cat praliases.8 | gzip -9c > $PKG/usr/man/man8/praliases.8.gz +cd ../rmail +cat rmail > $PKG/usr/bin/rmail +cat rmail.8 | gzip -9c > $PKG/usr/man/man8/rmail.8.gz +cd ../smrsh +cat smrsh > $PKG/usr/sbin/smrsh +cat smrsh.8 | gzip -9c > $PKG/usr/man/man8/smrsh.8.gz +cd ../mail.local +cat mail.local > $PKG/usr/sbin/mail.local +cat mail.local.8 | gzip -9c > $PKG/usr/man/man8/mail.local.8.gz +cd ../vacation +cat vacation > $PKG/usr/bin/vacation +cat vacation.1 | gzip -9c > $PKG/usr/man/man1/vacation.1.gz +cd ../editmap +cat editmap > $PKG/usr/sbin/editmap +cat editmap.8 | gzip -9c > $PKG/usr/man/man8/editmap.8.gz + +# Add libmilter: +cd $TMP/sendmail-$VERSION/libmilter +./Build +cd .. +mkdir -p $PKG/usr/include +mkdir -p $PKG/usr/include/libmilter +cp -a include/libmilter/mfapi.h $PKG/usr/include/libmilter +cp -a include/libmilter/mfdef.h $PKG/usr/include/libmilter +cp -a obj.*/libmilter/libmilter.a $PKG/usr/lib${LIBDIRSUFFIX} +strip -g $PKG/usr/lib${LIBDIRSUFFIX}/libmilter.a +chmod 644 $PKG/usr/lib${LIBDIRSUFFIX}/libmilter.a $PKG/usr/include/libmilter/* +mkdir -p $PKG/usr/doc/sendmail-$VERSION/libmilter +cp -a libmilter/README $PKG/usr/doc/sendmail-$VERSION/libmilter + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +cat $CWD/slack-desc.sendmail > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/sendmail-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/sendmail/SlackBuild-sendmail-cf b/patches/source/sendmail/SlackBuild-sendmail-cf new file mode 100755 index 00000000..555f7170 --- /dev/null +++ b/patches/source/sendmail/SlackBuild-sendmail-cf @@ -0,0 +1,57 @@ +#!/bin/sh + +# Copyright 2008, 2009 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=8.14.9 +ARCH=noarch +BUILD=${BUILD:-1_slack13.1} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-sendmail-cf + +rm -rf $PKG +mkdir -p $TMP $PKG + +echo "+====================+" +echo "| sendmail.cf.$VERSION |" +echo "+====================+" +( cd $TMP/sendmail-$VERSION ; find . -name "*~" -print -exec rm {} \; ) +cd $PKG +mkdir -p usr/share/sendmail/cf +cd usr/share/sendmail/cf +cp -a $TMP/sendmail-$VERSION/cf/README . +cp -a $TMP/package-sendmail/usr/share/sendmail/README.linux . +for dir in cf domain feature hack m4 mailer ostype sh siteconfig ; do + cp -a $TMP/sendmail-$VERSION/cf/$dir . +done +# Replace the sendmail Build script with a simple (working) one: +cp -a $PKG/usr/share/sendmail/cf/cf/Build $PKG/usr/share/sendmail/cf/cf/Build.orig +zcat $CWD/Build.gz > $PKG/usr/share/sendmail/cf/cf/Build +chown -R root.root * + +mkdir -p $PKG/install +cat $CWD/slack-desc.sendmail-cf > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/sendmail-cf-$VERSION-noarch-$BUILD.txz + diff --git a/patches/source/sendmail/linux.uucp.mc b/patches/source/sendmail/linux.uucp.mc new file mode 100644 index 00000000..ffd242bb --- /dev/null +++ b/patches/source/sendmail/linux.uucp.mc @@ -0,0 +1,8 @@ +include(`../m4/cf.m4') +VERSIONID(`linux for setup with uucp which uses domain names')dnl +OSTYPE(linux) +FEATURE(always_add_domain)dnl +MAILER(local)dnl +MAILER(smtp)dnl +MAILER(uucp) +define(`SMART_HOST', uucp-dom:otheruucphost) diff --git a/patches/source/sendmail/sendmail-slackware-tls-sasl.mc b/patches/source/sendmail/sendmail-slackware-tls-sasl.mc new file mode 100644 index 00000000..ed5753b4 --- /dev/null +++ b/patches/source/sendmail/sendmail-slackware-tls-sasl.mc @@ -0,0 +1,61 @@ +dnl# This is the a sendmail .mc file for Slackware with TLS support. +dnl# To generate the sendmail.cf file from this (perhaps after making +dnl# some changes), use the m4 files in /usr/share/sendmail/cf like this: +dnl# +dnl# cp sendmail-slackware-tls.mc /usr/share/sendmail/cf/config.mc +dnl# cd /usr/share/sendmail/cf +dnl# sh Build config.mc +dnl# +dnl# You may then install the resulting .cf file: +dnl# cp config.cf /etc/mail/sendmail.cf +dnl# +include(`../m4/cf.m4') +VERSIONID(`TLS supporting setup for Slackware Linux')dnl +OSTYPE(`linux')dnl +dnl# +dnl# You will need to create the certificates below with OpenSSL first: +define(`confCACERT_PATH', `/etc/mail/certs/') +define(`confCACERT', `/etc/mail/certs/CA.cert.pem') +define(`confSERVER_CERT', `/etc/mail/certs/smtp.cert.pem') +define(`confSERVER_KEY', `/etc/mail/certs/smtp.key.pem') +dnl# These settings help protect against people verifying email addresses +dnl# at your site in order to send you email that you probably don't want: +define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl +dnl# Uncomment the line below to send outgoing mail through an external server: +dnl define(`SMART_HOST',`mailserver.example.com') +dnl# No timeout for ident: +define(`confTO_IDENT', `0')dnl +dnl# Enable the line below to use smrsh to restrict what sendmail can run: +dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl +dnl# See the README in /usr/share/sendmail/cf for a ton of information on +dnl# how these options work: +FEATURE(`use_cw_file')dnl +FEATURE(`use_ct_file')dnl +FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl +FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl +FEATURE(`access_db', `hash -T /etc/mail/access')dnl +FEATURE(`blacklist_recipients')dnl +FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl +FEATURE(`always_add_domain')dnl +FEATURE(`redirect')dnl +FEATURE(`no_default_msa')dnl +dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail: +dnl FEATURE(`accept_unresolvable_domains')dnl +EXPOSED_USER(`root')dnl +dnl# Also accept mail for localhost.localdomain: +LOCAL_DOMAIN(`localhost.localdomain')dnl +MAILER(local)dnl +MAILER(smtp)dnl +MAILER(procmail)dnl +dnl# Allow SASL authentication/relaying: +define(`confAUTH_OPTIONS', `A p y')dnl +define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl +TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl +DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl +dnl# Daemon options after M= below that might need to be changed are: +dnl# s (allow SSL, not only TLS) +dnl# a (require authentication) +DAEMON_OPTIONS(`Port=smtps, Name=MSA-SSL, M=Esa')dnl +LOCAL_CONFIG +dnl# Do not allow the weak SSLv2: +O CipherList=ALL:!ADH:!NULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv3:+TLSv1:-SSLv2:+EXP:+eNULL diff --git a/patches/source/sendmail/sendmail-slackware-tls.mc b/patches/source/sendmail/sendmail-slackware-tls.mc new file mode 100644 index 00000000..01a66775 --- /dev/null +++ b/patches/source/sendmail/sendmail-slackware-tls.mc @@ -0,0 +1,56 @@ +dnl# This is the a sendmail .mc file for Slackware with TLS support. +dnl# To generate the sendmail.cf file from this (perhaps after making +dnl# some changes), use the m4 files in /usr/share/sendmail/cf like this: +dnl# +dnl# cp sendmail-slackware-tls.mc /usr/share/sendmail/cf/config.mc +dnl# cd /usr/share/sendmail/cf +dnl# sh Build config.mc +dnl# +dnl# You may then install the resulting .cf file: +dnl# cp config.cf /etc/mail/sendmail.cf +dnl# +include(`../m4/cf.m4') +VERSIONID(`TLS supporting setup for Slackware Linux')dnl +OSTYPE(`linux')dnl +dnl# +dnl# You will need to create the certificates below with OpenSSL first: +define(`confCACERT_PATH', `/etc/mail/certs/') +define(`confCACERT', `/etc/mail/certs/CA.cert.pem') +define(`confSERVER_CERT', `/etc/mail/certs/smtp.cert.pem') +define(`confSERVER_KEY', `/etc/mail/certs/smtp.key.pem') +dnl# These settings help protect against people verifying email addresses +dnl# at your site in order to send you email that you probably don't want: +define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl +dnl# Uncomment the line below to send outgoing mail through an external server: +dnl define(`SMART_HOST',`mailserver.example.com') +dnl# No timeout for ident: +define(`confTO_IDENT', `0')dnl +dnl# Enable the line below to use smrsh to restrict what sendmail can run: +dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl +dnl# See the README in /usr/share/sendmail/cf for a ton of information on +dnl# how these options work: +FEATURE(`use_cw_file')dnl +FEATURE(`use_ct_file')dnl +FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl +FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl +FEATURE(`access_db', `hash -T /etc/mail/access')dnl +FEATURE(`blacklist_recipients')dnl +FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl +FEATURE(`always_add_domain')dnl +FEATURE(`redirect')dnl +dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail: +dnl FEATURE(`accept_unresolvable_domains')dnl +EXPOSED_USER(`root')dnl +dnl# Also accept mail for localhost.localdomain: +LOCAL_DOMAIN(`localhost.localdomain')dnl +MAILER(local)dnl +MAILER(smtp)dnl +MAILER(procmail)dnl +DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl +dnl# Daemon options after M= below that might need to be changed are: +dnl# s (allow SSL, not only TLS) +dnl# a (require authentication) +DAEMON_OPTIONS(`Port=smtps, Name=MSA-SSL, M=Es')dnl +LOCAL_CONFIG +dnl# Do not allow the weak SSLv2: +O CipherList=ALL:!ADH:!NULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv3:+TLSv1:-SSLv2:+EXP:+eNULL diff --git a/patches/source/sendmail/sendmail-slackware.mc b/patches/source/sendmail/sendmail-slackware.mc new file mode 100644 index 00000000..4fd4620b --- /dev/null +++ b/patches/source/sendmail/sendmail-slackware.mc @@ -0,0 +1,42 @@ +dnl# This is the default sendmail .mc file for Slackware. To generate +dnl# the sendmail.cf file from this (perhaps after making some changes), +dnl# use the m4 files in /usr/share/sendmail/cf like this: +dnl# +dnl# cp sendmail-slackware.mc /usr/share/sendmail/cf/config.mc +dnl# cd /usr/share/sendmail/cf +dnl# sh Build config.cf +dnl# +dnl# You may then install the resulting .cf file: +dnl# cp config.cf /etc/mail/sendmail.cf +dnl# +include(`../m4/cf.m4') +VERSIONID(`default setup for Slackware Linux')dnl +OSTYPE(`linux')dnl +dnl# These settings help protect against people verifying email addresses +dnl# at your site in order to send you email that you probably don't want: +define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl +dnl# Uncomment the line below to send outgoing mail through an external server: +dnl define(`SMART_HOST',`mailserver.example.com') +dnl# No timeout for ident: +define(`confTO_IDENT', `0')dnl +dnl# Enable the line below to use smrsh to restrict what sendmail can run: +dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl +dnl# See the README in /usr/share/sendmail/cf for a ton of information on +dnl# how these options work: +FEATURE(`use_cw_file')dnl +FEATURE(`use_ct_file')dnl +FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl +FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl +FEATURE(`access_db', `hash -T /etc/mail/access')dnl +FEATURE(`blacklist_recipients')dnl +FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl +FEATURE(`always_add_domain')dnl +FEATURE(`redirect')dnl +dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail: +dnl FEATURE(`accept_unresolvable_domains')dnl +EXPOSED_USER(`root')dnl +dnl# Also accept mail for localhost.localdomain: +LOCAL_DOMAIN(`localhost.localdomain')dnl +MAILER(local)dnl +MAILER(smtp)dnl +MAILER(procmail)dnl diff --git a/patches/source/sendmail/sendmail.SlackBuild b/patches/source/sendmail/sendmail.SlackBuild new file mode 100755 index 00000000..462f16e9 --- /dev/null +++ b/patches/source/sendmail/sendmail.SlackBuild @@ -0,0 +1,3 @@ +#!/bin/sh +./SlackBuild-sendmail $* +./SlackBuild-sendmail-cf $* diff --git a/patches/source/sendmail/site.config.m4 b/patches/source/sendmail/site.config.m4 new file mode 100644 index 00000000..09b1d72f --- /dev/null +++ b/patches/source/sendmail/site.config.m4 @@ -0,0 +1,8 @@ +APPENDDEF(`confENVDEF', `-DNETINET6') +APPENDDEF(`confMAPDEF', `-DNEWDB -DSTARTTLS -DSASL=2 -DTCPWRAPPERS -DNIS -DMAP_REGEX -DSOCKETMAP') +APPENDDEF(`confLIBS', `-lnsl -lssl -lcrypto -lsasl2 -lwrap -lm -ldb -lresolv') +APPENDDEF(`conf_libmilter_ENVDEF', `-DMILTER') +APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER') +APPENDDEF(`conf_libmilter_ENVDEF', `-D_FFR_MILTER_ROOT_UNSAFE ') +APPENDDEF(`confENVDEF', `-DBROKEN_PTHREAD_SLEEP') +APPENDDEF(`confENVDEF', `-D_FFR_TLS_1')dnl diff --git a/patches/source/sendmail/slack-desc.sendmail b/patches/source/sendmail/slack-desc.sendmail new file mode 100644 index 00000000..cdcc9387 --- /dev/null +++ b/patches/source/sendmail/slack-desc.sendmail @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +sendmail: sendmail (mail transfer agent) +sendmail: +sendmail: Eric Allman's mail transport agent. The _Unix System Administration +sendmail: Handbook_ calls sendmail 'The most complex and complete mail delivery +sendmail: system in common use...' +sendmail: +sendmail: Ready-made configuration files are included for systems connected by +sendmail: TCP/IP (with or without a nameserver) and for systems using UUCP. +sendmail: +sendmail: The procmail package is required to handle local mail delivery. +sendmail: diff --git a/patches/source/sendmail/slack-desc.sendmail-cf b/patches/source/sendmail/slack-desc.sendmail-cf new file mode 100644 index 00000000..df56efdc --- /dev/null +++ b/patches/source/sendmail/slack-desc.sendmail-cf @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +sendmail-cf: sendmail-cf (configuration files for sendmail) +sendmail-cf: +sendmail-cf: These files are used to create sendmail.cf configuration files. The +sendmail-cf: m4 macro processor is also required in order to make use of these +sendmail-cf: files. +sendmail-cf: +sendmail-cf: The files and documentation in /usr/share/sendmail should make it +sendmail-cf: possible to support virtually any mail configuration. NOTE: You +sendmail-cf: probably won't need this package if you're planning to use one of the +sendmail-cf: sendmail.cf samples included in the sendmail package. +sendmail-cf: diff --git a/patches/source/shadow/adduser b/patches/source/shadow/adduser new file mode 100644 index 00000000..5b674a85 --- /dev/null +++ b/patches/source/shadow/adduser @@ -0,0 +1,440 @@ +#!/bin/bash +# +# Copyright 1995 Hrvoje Dogan, Croatia. +# Copyright 2002-2004, 2008, 2009, 2010 Stuart Winter, Surrey, England, UK. +# Copyright 2004, 2008-2010 Slackware Linux, Inc., Concord, CA, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +# +########################################################################## +# Program: /usr/sbin/adduser +# Purpose: Interactive front end to /usr/sbin/useradd for Slackware Linux +# Author : Stuart Winter +# Based on the original Slackware adduser by Hrvoje Dogan +# with modifications by Patrick Volkerding +# Version: 1.13 +########################################################################## +# Usage..: adduser [] +########################################################################## +# History # +########### +# v1.13 - 13/01/10 +# * Fixed bug that removed underscore characters from UNIX group names. +# Thanks to mRgOBLIN for the report and Jim Hawkins for the fix. +# v1.12 - 21/07/09 +# * Adjusted the search of /etc/passwd to exclude the NIS inclusion +# string. Thanks to Dominik L. Borkowski. +# v1.11 - 04/06/09 +# * Add power and netdev to the suggested group list +# v1.10 - 24/03/08 +# * To facilitate use of the automatic mounting features of HAL, +# allow the admin to easily add users to the default groups: +# audio,cdrom,video,plugdev,floppy. +# The default is not to add new users to these groups. +# And by the way, this script is "useradd from Slackware" not +# "superadduser from Gentoo" ;-) +# v1.09 - 07/06/04 +# * Added standard Slackware script licence to the head of this file. +# v1.08 - 25/04/04 +# * Disallow user names that begin with a numeric because useradd +# (from shadow v4.03) does not allow them. +# v1.07 - 07/03/03 +# * When supplying a null string for the uid (meaning 'Choose next available'), +# if there were file names in the range 'a-z' in the pwd then the +# egrep command considered these files rather than the null string. +# The egrep expression is now in quotes. +# Reported & fixed by Vadim O. Ustiansky +# v1.06 - 31/03/03 +# * Ask to chown user.group the home directory if it already exists. +# This helps reduce later confusion when adding users whose home dir +# already exists (mounted partition for example) and is owned +# by a user other than the user to which the directory is being +# assigned as home. Default is not to chown. +# Brought to my attention by mRgOBLIN. +# v1.05 - 04/01/03 +# * Advise & prevent users from creating logins with '.' characters +# in the user name. +# * Made pending account creation info look neater +# v1.04 - 09/06/02 +# * Catered for shadow-4.0.3's 'useradd' binary that no longer +# will let you create a user that has any uppercase chars in it +# This was reported on the userlocal.org forums +# by 'xcp' - thanks. +# v1.03 - 20/05/02 +# * Support 'broken' (null lines in) /etc/passwd and +# /etc/group files +# * For recycling UIDs (default still 'off'), we now look in +# /etc/login.defs for the UID_MIN value and use it +# If not found then default to 1000 +# v1.02 - 10/04/02 +# * Fix user-specified UID bug. +# v1.01 - 23/03/02 +# * Match Slackware indenting style, simplify. +# v1.00 - 22/03/02 +# * Created +####################################################################### + +# Path to files +pfile=/etc/passwd +gfile=/etc/group +sfile=/etc/shells + +# Paths to binaries +useradd=/usr/sbin/useradd +chfn=/usr/bin/chfn +passwd=/usr/bin/passwd +chmod=/bin/chmod + +# Defaults +defhome=/home +defshell=/bin/bash +defchmod=711 # home dir permissions - may be preferable to use 701, however. +defgroup=users +AGID="audio cdrom floppy plugdev video power netdev" # additional groups for desktop users + +# Determine what the minimum UID is (for UID recycling) +# (we ignore it if it's not at the beginning of the line (i.e. commented out with #)) +export recycleUIDMIN="$(grep ^UID_MIN /etc/login.defs | awk '{print $2}' 2>/dev/null)" +# If we couldn't find it, set it to the default of 1000 +if [ -z "$recycleUIDMIN" ]; then + export recycleUIDMIN=1000 # this is the default from Slackware's /etc/login.defs +fi + + +# This setting enables the 'recycling' of older unused UIDs. +# When you userdel a user, it removes it from passwd and shadow but it will +# never get used again unless you specify it expliticly -- useradd (appears to) just +# look at the last line in passwd and increment the uid. I like the idea of +# recycling uids but you may have very good reasons not to (old forgotten +# confidential files still on the system could then be owned by this new user). +# We'll set this to no because this is what the original adduser shell script +# did and it's what users expect. +recycleuids=no + +# Function to read keyboard input. +# bash1 is broken (even ash will take read -ep!), so we work around +# it (even though bash1 is no longer supported on Slackware). +function get_input() { + local output + if [ "`echo $BASH_VERSION | cut -b1`" = "1" ]; then + echo -n "${1} " >&2 # fudge for use with bash v1 + read output + else # this should work with any other /bin/sh + read -ep "${1} " output + fi + echo $output +} + +# Function to display the account info +function display () { + local goose + goose="$(echo $2 | cut -d ' ' -f 2-)" # lop off the prefixed argument useradd needs + echo -n "$1 " + # If it's null then display the 'other' information + if [ -z "$goose" -a ! -z "$3" ]; then + echo "$3" + else + echo "$goose" + fi +} + +# Function to check whether groups exist in the /etc/group file +function check_group () { + local got_error group + if [ ! -z "$@" ]; then + for group in $@ ; do + local uid_not_named="" uid_not_num="" + grep -v "$^" $gfile | awk -F: '{print $1}' | grep "^${group}$" >/dev/null 2>&1 || uid_not_named=yes + grep -v "$^" $gfile | awk -F: '{print $3}' | grep "^${group}$" >/dev/null 2>&1 || uid_not_num=yes + if [ ! -z "$uid_not_named" -a ! -z "$uid_not_num" ]; then + echo "- Group '$group' does not exist" + got_error=yes + fi + done + fi + # Return exit code of 1 if at least one of the groups didn't exist + if [ ! -z "$got_error" ]; then + return 1 + fi +} + +#: Read the login name for the new user :# +# +# Remember that most Mail Transfer Agents are case independant, so having +# 'uSer' and 'user' may cause confusion/things to break. Because of this, +# useradd from shadow-4.0.3 no longer accepts usernames containing uppercase, +# and we must reject them, too. + +# Set the login variable to the command line param +echo +LOGIN="$1" +needinput=yes +while [ ! -z $needinput ]; do + if [ -z "$LOGIN" ]; then + while [ -z "$LOGIN" ]; do LOGIN="$(get_input "Login name for new user []:")" ; done + fi + grep "^${LOGIN}:" $pfile >/dev/null 2>&1 # ensure it's not already used + if [ $? -eq 0 ]; then + echo "- User '$LOGIN' already exists; please choose another" + unset LOGIN + elif [ ! -z "$( echo $LOGIN | grep "^[0-9]" )" ]; then + echo "- User names cannot begin with a number; please choose another" + unset LOGIN + elif [ ! "$LOGIN" = "`echo $LOGIN | tr A-Z a-z`" ]; then # useradd does not allow uppercase + echo "- User '$LOGIN' contains illegal characters (uppercase); please choose another" + unset LOGIN + elif [ ! -z "$( echo $LOGIN | grep '\.' )" ]; then + echo "- User '$LOGIN' contains illegal characters (period/dot); please choose another" + unset LOGIN + else + unset needinput + fi +done + +# Display the user name passed from the shell if it hasn't changed +if [ "$1" = "$LOGIN" ]; then + echo "Login name for new user: $LOGIN" +fi + +#: Get the UID for the user & ensure it's not already in use :# +# +# Whilst we _can_ allow users with identical UIDs, it's not a 'good thing' because +# when you change password for the uid, it finds the first match in /etc/passwd +# which isn't necessarily the correct user +# +echo +needinput=yes +while [ ! -z "$needinput" ]; do + _UID="$(get_input "User ID ('UID') [ defaults to next available ]:")" + egrep -v "^$|^\+" $pfile | awk -F: '{print $3}' | grep "^${_UID}$" >/dev/null 2>&1 + if [ $? -eq 0 ]; then + echo "- That UID is already in use; please choose another" + elif [ ! -z "$(echo $_UID | egrep '[A-Za-z]')" ]; then + echo "- UIDs are numerics only" + else + unset needinput + fi +done +# If we were given a UID, then syntax up the variable to pass to useradd +if [ ! -z "$_UID" ]; then + U_ID="-u ${_UID}" +else + # Will we be recycling UIDs? + if [ "$recycleuids" = "yes" ]; then + U_ID="-u $(awk -F: '{uid[$3]=1} END { for (i=ENVIRON["recycleUIDMIN"];i in uid;i++);print i}' $pfile)" + fi +fi + +#: Get the initial group for the user & ensure it exists :# +# +# We check /etc/group for both the text version and the group ID number +echo +needinput=yes +while [ ! -z "$needinput" ]; do + GID="$(get_input "Initial group [ ${defgroup} ]:")" + check_group "$GID" + if [ $? -gt 0 ]; then + echo "- Please choose another" + else + unset needinput + fi +done +# Syntax the variable ready for useradd +if [ -z "$GID" ]; then + GID="-g ${defgroup}" +else + GID="-g ${GID}" +fi + +#: Get additional groups for the user :# +# +echo "Additional UNIX groups:" +echo +echo "Users can belong to additional UNIX groups on the system." +echo "For local users using graphical desktop login managers such" +echo "as XDM/KDM, users may need to be members of additional groups" +echo "to access the full functionality of removable media devices." +echo +echo "* Security implications *" +echo "Please be aware that by adding users to additional groups may" +echo "potentially give access to the removable media of other users." +echo +echo "If you are creating a new user for remote shell access only," +echo "users do not need to belong to any additional groups as standard," +echo "so you may press ENTER at the next prompt." +echo +needinput=yes +while [ ! -z "$needinput" ]; do + history -c + history -s "$AGID" + echo "Press ENTER to continue without adding any additional groups" + echo "Or press the UP arrow key to add/select/edit additional groups" + AGID="$(get_input ": " | sed 's/[^A-Za-z0-9 _]//g;s/ */ /g;s/^ $//g' )" + if [ ! -z "$AGID" ]; then + check_group "$AGID" # check all groups at once (treated as N # of params) + if [ $? -gt 0 ]; then + echo "- Please re-enter the group(s)" + echo + else + unset needinput # we found all groups specified + AGID="-G $(echo $AGID | tr ' ' ,)" # useradd takes comma delimited groups + fi + else + unset needinput # we don't *have* to have additional groups + fi +done + +#: Get the new user's home dir :# +# +echo +needinput=yes +while [ ! -z "$needinput" ]; do + HME="$(get_input "Home directory [ ${defhome}/${LOGIN} ]")" + if [ -z "$HME" ]; then + HME="${defhome}/${LOGIN}" + fi + # Warn the user if the home dir already exists + if [ -d "$HME" ]; then + echo "- Warning: '$HME' already exists !" + getyn="$(get_input " Do you wish to change the home directory path ? (Y/n) ")" + if [ "$(echo $getyn | grep -i "n")" ]; then + unset needinput + # You're most likely going to only do this if you have the dir *mounted* for this user's $HOME + getyn="$(get_input " Do you want to chown $LOGIN.$( echo $GID | awk '{print $2}') $HME ? (y/N) ")" + if [ "$(echo $getyn | grep -i "y")" ]; then + CHOWNHOMEDIR=$HME # set this to the home directory + fi + fi + else + unset needinput + fi +done +HME="-d ${HME}" + +#: Get the new user's shell :# +echo +needinput=yes +while [ ! -z "$needinput" ]; do + unset got_error + SHL="$(get_input "Shell [ ${defshell} ]")" + if [ -z "$SHL" ]; then + SHL="${defshell}" + fi + # Warn the user if the shell doesn't exist in /etc/shells or as a file + if [ -z "$(grep "^${SHL}$" $sfile)" ]; then + echo "- Warning: ${SHL} is not in ${sfile} (potential problem using FTP)" + got_error=yes + fi + if [ ! -f "$SHL" ]; then + echo "- Warning: ${SHL} does not exist as a file" + got_error=yes + fi + if [ ! -z "$got_error" ]; then + getyn="$(get_input " Do you wish to change the shell ? (Y/n) ")" + if [ "$(echo $getyn | grep -i "n")" ]; then + unset needinput + fi + else + unset needinput + fi +done +SHL="-s ${SHL}" + +#: Get the expiry date :# +echo +needinput=yes +while [ ! -z "$needinput" ]; do + EXP="$(get_input "Expiry date (YYYY-MM-DD) []:")" + if [ ! -z "$EXP" ]; then + # Check to see whether the expiry date is in the valid format + if [ -z "$(echo "$EXP" | grep "^[[:digit:]]\{4\}[-]\?[[:digit:]]\{2\}[-]\?[[:digit:]]\{2\}$")" ]; then + echo "- That is not a valid expiration date" + else + unset needinput + EXP="-e ${EXP}" + fi + else + unset needinput + fi +done + +# Display the info about the new impending account +echo +echo "New account will be created as follows:" +echo +echo "---------------------------------------" +display "Login name.......: " "$LOGIN" +display "UID..............: " "$_UID" "[ Next available ]" +display "Initial group....: " "$GID" +display "Additional groups: " "$AGID" "[ None ]" +display "Home directory...: " "$HME" +display "Shell............: " "$SHL" +display "Expiry date......: " "$EXP" "[ Never ]" +echo + +echo "This is it... if you want to bail out, hit Control-C. Otherwise, press" +echo "ENTER to go ahead and make the account." +read junk + +echo +echo "Creating new account..." +echo +echo + +# Add the account to the system +CMD="$useradd "$HME" -m "$EXP" "$U_ID" "$GID" "$AGID" "$SHL" "$LOGIN"" +$CMD + +if [ $? -gt 0 ]; then + echo "- Error running useradd command -- account not created!" + echo "(cmd: $CMD)" + exit 1 +fi + +# chown the home dir ? We can only do this once the useradd has +# completed otherwise the user name doesn't exist. +if [ ! -z "${CHOWNHOMEDIR}" ]; then + chown "$LOGIN"."$( echo $GID | awk '{print $2}')" "${CHOWNHOMEDIR}" +fi + +# Set the finger information +$chfn "$LOGIN" +if [ $? -gt 0 ]; then + echo "- Warning: an error occurred while setting finger information" +fi + +# Set a password +$passwd "$LOGIN" +if [ $? -gt 0 ]; then + echo "* WARNING: An error occured while setting the password for" + echo " this account. Please manually investigate this *" + exit 1 +fi + +# If it was created (it should have been!), set the permissions for that user's dir +HME="$(echo "$HME" | awk '{print $2}')" # We have to remove the -g prefix +if [ -d "$HME" ]; then + $chmod $defchmod "$HME" +fi + +echo +echo +echo "Account setup complete." +exit 0 diff --git a/patches/source/shadow/doinst.sh b/patches/source/shadow/doinst.sh new file mode 100644 index 00000000..88fefb3a --- /dev/null +++ b/patches/source/shadow/doinst.sh @@ -0,0 +1,17 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/login.access.new +config etc/login.defs.new +config var/log/faillog.new +rm -f var/log/faillog.new + diff --git a/patches/source/shadow/login.defs b/patches/source/shadow/login.defs new file mode 100644 index 00000000..dde37c97 --- /dev/null +++ b/patches/source/shadow/login.defs @@ -0,0 +1,387 @@ +# +# /etc/login.defs - Configuration control definitions for the shadow package. +# +# $Id: login.defs 3038 2009-07-23 20:41:35Z nekral-guest $ +# + +# +# Delay in seconds before being allowed another attempt after a login failure +# +FAIL_DELAY 3 + +# +# Enable logging and display of /var/log/faillog login failure info. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable logging and display of /var/log/lastlog login time info. +# +LASTLOG_ENAB yes + +# +# Enable checking and display of mailbox status upon login. +# +# Disable if the shell startup files already check for mail +# ("mailx -e" or equivalent). +# +MAIL_CHECK_ENAB yes + +# +# Enable additional checks upon password changes. +# +OBSCURE_CHECKS_ENAB yes + +# +# Enable checking of time restrictions specified in /etc/porttime. +# +PORTTIME_CHECKS_ENAB yes + +# +# Enable setting of ulimit, umask, and niceness from passwd gecos field. +# +QUOTAS_ENAB yes + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +CONSOLE /etc/securetty +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, ":" delimited list of "message of the day" files to +# be displayed upon login. +# +MOTD_FILE /etc/motd +#MOTD_FILE /etc/motd:/usr/lib/news/news-motd + +# +# If defined, this file will be output before each login prompt. +# +#ISSUE_FILE /etc/issue + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format. +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, name of file whose presence which will inhibit non-root +# logins. The contents of this file should be a message indicating +# why logins are inhibited. +# +NOLOGINS_FILE /etc/nologin + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# *REQUIRED* +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define both, MAIL_DIR takes precedence. +# +MAIL_DIR /var/spool/mail +#MAIL_FILE .mail + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# If defined, either a TZ environment parameter spec or the +# fully-rooted pathname of a file containing such a spec. +# +#ENV_TZ TZ=CST6CDT +#ENV_TZ /etc/tzname + +# +# If defined, an HZ environment parameter spec. +# +# for Linux/x86 +ENV_HZ HZ=100 +# For Linux/Alpha... +#ENV_HZ HZ=1024 + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/sbin:/usr/sbin:/bin:/usr/bin +ENV_PATH PATH=/usr/local/bin:/bin:/usr/bin + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +TTYGROUP tty +TTYPERM 0620 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# ULIMIT Default "ulimit" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# The ULIMIT is used only if the system supports it. +# (now it works with setrlimit too; ulimit is in 512-byte units) +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +#ULIMIT 2097152 + +# Default initial "umask" value. +# UMASK is also used by useradd and newusers to set the mode of new home +# directories. +# 022 is the default value, but 027, or even 077, could be considered +# better for privacy. There is no One True Answer here: each sysadmin +# must make up her mind. +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_MIN_LEN Minimum acceptable password length. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_MIN_LEN 5 +PASS_WARN_AGE 7 + +# +# If "yes", the user must be listed as a member of the first gid 0 group +# in /etc/group (called "root" on most Linux systems) to be able to "su" +# to uid 0 accounts. If the group doesn't exist or is empty, no one +# will be able to "su" to uid 0. +# +SU_WHEEL_ONLY no + +# +# If compiled with cracklib support, where are the dictionaries +# +#CRACKLIB_DICTPATH /var/cache/cracklib/cracklib_dict + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +SYS_UID_MIN 101 +SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +SYS_GID_MIN 101 +SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Maximum number of attempts to change password if rejected (too easy) +# +PASS_CHANGE_TRIES 5 + +# +# Warn about weak passwords (but still allow them) if you are root. +# +PASS_ALWAYS_WARN yes + +# +# Number of significant characters in the password for crypt(). +# Default is 8, don't change unless your crypt() is better. +# Ignored if MD5_CRYPT_ENAB set to "yes". +# +#PASS_MAX_LEN 8 + +# +# Require password before chfn/chsh can make any changes. +# +CHFN_AUTH yes + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT frwh + +# +# Password prompt (%s will be replaced by user name). +# +# XXX - it doesn't work correctly yet, for now leave it commented out +# to use the default which is just "Password: ". +#LOGIN_STRING "%s's Password: " + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# Only works if compiled with ENCRYPTMETHOD_SELECT defined: +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +ENCRYPT_METHOD MD5 + +# +# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# Most of these groups are self-explanatory. +# +# Note that users are added to these default groups only when +# logging into a shell with /bin/login, not when using a login +# manager such as kdm. In that case, users who should have +# hardware access must be added to the appropriate groups +# when the user is added with adduser or useradd, or by editing +# /etc/group directly, preferably using "vigr" +# +CONSOLE_GROUPS floppy:audio:cdrom:video:scanner + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If this file exists and is readable, login environment will be +# read from it. Every line should be in the form name=value. +# +ENVIRON_FILE /etc/environment + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# Enable setting of the umask group bits to be the same as owner bits +# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is +# the same as gid, and username is the same as the primary group name. +# +# This also enables userdel to remove user groups if no members exist. +# +USERGROUPS_ENAB yes + +# +# If set to a non-nul number, the shadow utilities will make sure that +# groups never have more than this number of users on one line. +# This permit to support split groups (groups split into multiple lines, +# with the same group ID, to avoid limitation of the line length in the +# group file). +# +# 0 is the default value and disables this feature. +# +#MAX_MEMBERS_PER_GROUP 0 + +# +# If useradd should create home directories for users by default (non +# system users only) +# This option is overridden with the -M or -m flags on the useradd command +# line. +# +#CREATE_HOME yes + diff --git a/patches/source/shadow/patches/README_PATCHES b/patches/source/shadow/patches/README_PATCHES new file mode 100644 index 00000000..0c639d1a --- /dev/null +++ b/patches/source/shadow/patches/README_PATCHES @@ -0,0 +1,9 @@ + +r3054.diff: Fixed wrong format string +r3055.diff: Help output to stderr not stdout. +r3060.diff: Fix memory leaks +r3062.diff: Avoid memzero() on a possibly NULL pointer. +r3096.diff: Fix parsing of gshadow entries. +r3160.diff: Fixed limits support (non PAM enabled versions only) +r3194.diff: shell's name must be -su when a su fakes a login. +r3299.diff: man/ru/Makefile.am: Remove double inclusion of $(man_nopam) diff --git a/patches/source/shadow/patches/r3054.diff b/patches/source/shadow/patches/r3054.diff new file mode 100644 index 00000000..dc1eab13 --- /dev/null +++ b/patches/source/shadow/patches/r3054.diff @@ -0,0 +1,27 @@ +* src/useradd.c: Fixed wrong format string. +* lib/gshadow.c: Removed declaration of unused variable. + +=================================================================== +--- src/useradd.c (revision 3052) ++++ src/useradd.c (revision 3054) +@@ -684,7 +684,7 @@ + static void usage (void) + { + (void) fprintf (stderr, +- _("Usage: useradd [options] LOGIN\n" ++ _("Usage: %s [options] LOGIN\n" + "\n" + "Options:\n"), + Prog); + +=================================================================== +--- lib/gshadow.c (revision 3052) ++++ lib/gshadow.c (revision 3054) +@@ -216,7 +216,6 @@ + static char *buf = NULL; + + char *cp; +- struct sgrp *ret; + + if (0 == buflen) { + buf = (char *) malloc (BUFSIZ); diff --git a/patches/source/shadow/patches/r3055.diff b/patches/source/shadow/patches/r3055.diff new file mode 100644 index 00000000..a2af6f39 --- /dev/null +++ b/patches/source/shadow/patches/r3055.diff @@ -0,0 +1,1515 @@ +=================================================================== +--- src/userdel.c (revision 3054) ++++ src/userdel.c (revision 3055) +@@ -94,7 +94,7 @@ + static bool spw_locked = false; + + /* local function prototypes */ +-static void usage (void); ++static void usage (int status); + static void update_groups (void); + static void close_files (void); + static void fail_exit (int); +@@ -111,7 +111,7 @@ + /* + * usage - display usage message and exit + */ +-static void usage (void) ++static void usage (int status) + { + fputs (_("Usage: userdel [options] LOGIN\n" + "\n" +@@ -120,8 +120,8 @@ + " even if not owned by user\n" + " -h, --help display this help message and exit\n" + " -r, --remove remove home directory and mail spool\n" +- "\n"), stderr); +- exit (E_USAGE); ++ "\n"), status ? stderr : stdout); ++ exit (status); + } + + /* +@@ -774,17 +774,19 @@ + case 'f': /* force remove even if not owned by user */ + fflg = true; + break; ++ case 'h': ++ usage (E_SUCCESS); + case 'r': /* remove home dir and mailbox */ + rflg = true; + break; + default: +- usage (); ++ usage (E_USAGE); + } + } + } + + if ((optind + 1) != argc) { +- usage (); ++ usage (E_USAGE); + } + + OPENLOG ("userdel"); +Index: src/lastlog.c +=================================================================== +--- src/lastlog.c (revision 3054) ++++ src/lastlog.c (revision 3055) +@@ -71,7 +71,7 @@ + + #define NOW (time ((time_t *) 0)) + +-static void usage (void) ++static void usage (int status) + { + fputs (_("Usage: lastlog [options]\n" + "\n" +@@ -80,8 +80,8 @@ + " -h, --help display this help message and exit\n" + " -t, --time DAYS print only lastlog records more recent than DAYS\n" + " -u, --user LOGIN print lastlog record of the specified LOGIN\n" +- "\n"), stderr); +- exit (EXIT_FAILURE); ++ "\n"), status ? stderr : stdout); ++ exit (status); + } + + static void print_one (/*@null@*/const struct passwd *pw) +@@ -208,7 +208,7 @@ + NULL)) != -1) { + switch (c) { + case 'h': +- usage (); ++ usage (EXIT_SUCCESS); + break; + case 't': + { +@@ -267,7 +267,7 @@ + break; + } + default: +- usage (); ++ usage (EXIT_FAILURE); + break; + } + } +@@ -275,7 +275,7 @@ + fprintf (stderr, + _("lastlog: unexpected argument: %s\n"), + argv[optind]); +- usage(); ++ usage (EXIT_FAILURE); + } + } + +Index: src/gpasswd.c +=================================================================== +--- src/gpasswd.c (revision 3054) ++++ src/gpasswd.c (revision 3055) +@@ -94,7 +94,7 @@ + #endif + + /* local function prototypes */ +-static void usage (void); ++static void usage (int status); + static RETSIGTYPE catch_signals (int killed); + static bool is_valid_user_list (const char *users); + static void process_flags (int argc, char **argv); +@@ -128,14 +128,15 @@ + /* + * usage - display usage message + */ +-static void usage (void) ++static void usage (int status) + { +- fprintf (stderr, ++ fprintf (status ? stderr : stdout, + _("Usage: %s [option] GROUP\n" + "\n" + "Options:\n" + " -a, --add USER add USER to GROUP\n" + " -d, --delete USER remove USER from GROUP\n" ++ " -h, --help display this help message and exit\n" + " -r, --remove-password remove the GROUP's password\n" + " -R, --restrict restrict access to GROUP to its members\n" + " -M, --members USER,... set the list of members of GROUP\n" +@@ -150,7 +151,7 @@ + _("The options cannot be combined.\n") + #endif + ); +- exit (E_USAGE); ++ exit (status); + } + + /* +@@ -235,6 +236,7 @@ + static struct option long_options[] = { + {"add", required_argument, NULL, 'a'}, + {"delete", required_argument, NULL, 'd'}, ++ {"help", no_argument, NULL, 'h'}, + {"remove-password", no_argument, NULL, 'r'}, + {"restrict", no_argument, NULL, 'R'}, + {"administrators", required_argument, NULL, 'A'}, +@@ -242,7 +244,7 @@ + {NULL, 0, NULL, '\0'} + }; + +- while ((flag = getopt_long (argc, argv, "a:A:d:gM:rR", long_options, &option_index)) != -1) { ++ while ((flag = getopt_long (argc, argv, "a:A:d:ghM:rR", long_options, &option_index)) != -1) { + switch (flag) { + case 'a': /* add a user */ + aflg = true; +@@ -276,6 +278,8 @@ + break; + case 'g': /* no-op from normal password */ + break; ++ case 'h': ++ usage (E_SUCCESS); + case 'M': /* set the list of members */ + members = optarg; + if (!is_valid_user_list (members)) { +@@ -290,7 +294,7 @@ + Rflg = true; + break; + default: +- usage (); ++ usage (E_USAGE); + } + } + +@@ -325,14 +329,14 @@ + exclusive++; + } + if (exclusive > 1) { +- usage (); ++ usage (E_USAGE); + } + + /* + * Make sure one (and only one) group was provided + */ + if ((argc != (opt_index+1)) || (NULL == group)) { +- usage (); ++ usage (E_USAGE); + } + } + +Index: src/newusers.c +=================================================================== +--- src/newusers.c (revision 3054) ++++ src/newusers.c (revision 3055) +@@ -92,7 +92,7 @@ + static bool spw_locked = false; + + /* local function prototypes */ +-static void usage (void); ++static void usage (int status); + static void fail_exit (int); + static int add_group (const char *, const char *, gid_t *, gid_t); + static int get_user_id (const char *, uid_t *); +@@ -110,15 +110,16 @@ + /* + * usage - display usage message and exit + */ +-static void usage (void) ++static void usage (int status) + { +- (void) fprintf (stderr, ++ FILE *usageout = status ? stderr : stdout; ++ (void) fprintf (usageout, + _("Usage: %s [options]\n" + "\n" + "Options:\n"), + Prog); + #ifndef USE_PAM +- (void) fprintf (stderr, ++ (void) fprintf (usageout, + _(" -c, --crypt-method the crypt method (one of %s)\n"), + #ifndef USE_SHA_CRYPT + "NONE DES MD5" +@@ -127,18 +128,18 @@ + #endif /* USE_SHA_CRYPT */ + ); + #endif /* !USE_PAM */ +- (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); +- (void) fputs (_(" -r, --system create system accounts\n"), stderr); ++ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout); ++ (void) fputs (_(" -r, --system create system accounts\n"), usageout); + #ifndef USE_PAM + #ifdef USE_SHA_CRYPT + (void) fputs (_(" -s, --sha-rounds number of SHA rounds for the SHA*\n" + " crypt algorithms\n"), +- stderr); ++ usageout); + #endif /* USE_SHA_CRYPT */ + #endif /* !USE_PAM */ +- (void) fputs ("\n", stderr); ++ (void) fputs ("\n", usageout); + +- exit (EXIT_FAILURE); ++ exit (status); + } + + /* +@@ -548,7 +549,7 @@ + long_options, &option_index)) != -1) { + switch (c) { + case 'h': +- usage (); ++ usage (EXIT_SUCCESS); + break; + case 'r': + rflg = true; +@@ -565,13 +566,13 @@ + fprintf (stderr, + _("%s: invalid numeric argument '%s'\n"), + Prog, optarg); +- usage (); ++ usage (EXIT_FAILURE); + } + break; + #endif /* USE_SHA_CRYPT */ + #endif /* !USE_PAM */ + default: +- usage (); ++ usage (EXIT_FAILURE); + break; + } + } +@@ -602,7 +603,7 @@ + fprintf (stderr, + _("%s: %s flag is only allowed with the %s flag\n"), + Prog, "-s", "-c"); +- usage (); ++ usage (EXIT_FAILURE); + } + #endif /* USE_SHA_CRYPT */ + +@@ -618,7 +619,7 @@ + fprintf (stderr, + _("%s: unsupported crypt method: %s\n"), + Prog, crypt_method); +- usage (); ++ usage (EXIT_FAILURE); + } + } + #endif /* !USE_PAM */ +Index: src/chpasswd.c +=================================================================== +--- src/chpasswd.c (revision 3054) ++++ src/chpasswd.c (revision 3055) +@@ -74,7 +74,7 @@ + + /* local function prototypes */ + static void fail_exit (int code); +-static void usage (void); ++static void usage (int status); + static void process_flags (int argc, char **argv); + static void check_flags (void); + static void check_perms (void); +@@ -112,15 +112,16 @@ + /* + * usage - display usage message and exit + */ +-static void usage (void) ++static void usage (int status) + { +- (void) fprintf (stderr, ++ FILE *usageout = status ? stderr : stdout; ++ (void) fprintf (usageout, + _("Usage: %s [options]\n" + "\n" + "Options:\n"), + Prog); + #ifndef USE_PAM +- (void) fprintf (stderr, ++ (void) fprintf (usageout, + _(" -c, --crypt-method the crypt method (one of %s)\n"), + #ifndef USE_SHA_CRYPT + "NONE DES MD5" +@@ -128,22 +129,22 @@ + "NONE DES MD5 SHA256 SHA512" + #endif /* USE_SHA_CRYPT */ + ); +- (void) fputs (_(" -e, --encrypted supplied passwords are encrypted\n"), stderr); ++ (void) fputs (_(" -e, --encrypted supplied passwords are encrypted\n"), usageout); + #endif /* !USE_PAM */ +- (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); ++ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout); + #ifndef USE_PAM + (void) fputs (_(" -m, --md5 encrypt the clear text password using\n" + " the MD5 algorithm\n"), +- stderr); ++ usageout); + #ifdef USE_SHA_CRYPT + (void) fputs (_(" -s, --sha-rounds number of SHA rounds for the SHA*\n" + " crypt algorithms\n"), +- stderr); ++ usageout); + #endif /* USE_SHA_CRYPT */ + #endif /* !USE_PAM */ +- (void) fputs ("\n", stderr); ++ (void) fputs ("\n", usageout); + +- exit (E_USAGE); ++ exit (status); + } + + /* +@@ -181,7 +182,7 @@ + long_options, &option_index)) != -1) { + switch (c) { + case 'h': +- usage (); ++ usage (E_SUCCESS); + break; + #ifndef USE_PAM + case 'c': +@@ -201,13 +202,13 @@ + fprintf (stderr, + _("%s: invalid numeric argument '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + break; + #endif /* USE_SHA_CRYPT */ + #endif /* !USE_PAM */ + default: +- usage (); ++ usage (E_USAGE); + break; + } + } +@@ -229,7 +230,7 @@ + fprintf (stderr, + _("%s: %s flag is only allowed with the %s flag\n"), + Prog, "-s", "-c"); +- usage (); ++ usage (E_USAGE); + } + #endif + +@@ -238,7 +239,7 @@ + fprintf (stderr, + _("%s: the -c, -e, and -m flags are exclusive\n"), + Prog); +- usage (); ++ usage (E_USAGE); + } + + if (cflg) { +@@ -253,7 +254,7 @@ + fprintf (stderr, + _("%s: unsupported crypt method: %s\n"), + Prog, crypt_method); +- usage (); ++ usage (E_USAGE); + } + } + #endif /* USE_PAM */ +Index: src/groupmems.c +=================================================================== +--- src/groupmems.c (revision 3054) ++++ src/groupmems.c (revision 3055) +@@ -88,7 +88,7 @@ + const struct group *grp); + static void purge_members (const struct group *grp); + static void display_members (const char *const *members); +-static void usage (void); ++static void usage (int status); + static void process_flags (int argc, char **argv); + static void check_perms (void); + static void fail_exit (int code); +@@ -361,7 +361,7 @@ + } + } + +-static void usage (void) ++static void usage (int status) + { + (void) fputs (_("Usage: groupmems [options] [action]\n" + "\n" +@@ -372,10 +372,11 @@ + "Actions:\n" + " -a, --add username add username to the members of the group\n" + " -d, --delete username remove username from the members of the group\n" ++ " -h, --help display this help message and exit\n" + " -p, --purge purge all members from the group\n" + " -l, --list list the members of the group\n" +- "\n"), stderr); +- fail_exit (EXIT_USAGE); ++ "\n"), status ? stderr : stdout); ++ fail_exit (status); + } + + /* +@@ -389,12 +390,13 @@ + {"add", required_argument, NULL, 'a'}, + {"delete", required_argument, NULL, 'd'}, + {"group", required_argument, NULL, 'g'}, ++ {"help", no_argument, NULL, 'h'}, + {"list", no_argument, NULL, 'l'}, + {"purge", no_argument, NULL, 'p'}, + {NULL, 0, NULL, '\0'} + }; + +- while ((arg = getopt_long (argc, argv, "a:d:g:lp", long_options, ++ while ((arg = getopt_long (argc, argv, "a:d:g:hlp", long_options, + &option_index)) != EOF) { + switch (arg) { + case 'a': +@@ -408,6 +410,8 @@ + case 'g': + thisgroup = xstrdup (optarg); + break; ++ case 'h': ++ usage (EXIT_SUCCESS); + case 'l': + list = true; + ++exclusive; +@@ -417,12 +421,12 @@ + ++exclusive; + break; + default: +- usage (); ++ usage (EXIT_USAGE); + } + } + + if ((exclusive > 1) || (optind < argc)) { +- usage (); ++ usage (EXIT_USAGE); + } + + /* local, no need for xgetpwnam */ +Index: src/usermod.c +=================================================================== +--- src/usermod.c (revision 3054) ++++ src/usermod.c (revision 3055) +@@ -149,7 +149,7 @@ + static void date_to_str (char *buf, size_t maxsize, + long int date, const char *negativ); + static int get_groups (char *); +-static void usage (void); ++static void usage (int status); + static void new_pwent (struct passwd *); + #ifdef WITH_SELINUX + static void selinux_update_mapping (void); +@@ -300,9 +300,9 @@ + /* + * usage - display usage message and exit + */ +-static void usage (void) ++static void usage (int status) + { +- fprintf (stderr, ++ fprintf (status ? stderr : stdout, + _("Usage: usermod [options] LOGIN\n" + "\n" + "Options:\n" +@@ -334,7 +334,7 @@ + "" + #endif + ); +- exit (E_USAGE); ++ exit (status); + } + + /* +@@ -815,7 +815,7 @@ + bool anyflag = false; + + if ((1 == argc) || ('-' == argv[argc - 1][0])) { +- usage (); ++ usage (E_USAGE); + } + + { +@@ -955,7 +955,7 @@ + fprintf (stderr, + _("%s: invalid numeric argument '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + fflg = true; + break; +@@ -976,6 +976,8 @@ + } + Gflg = true; + break; ++ case 'h': ++ usage (E_SUCCESS); + case 'l': + if (!is_valid_user_name (optarg)) { + fprintf (stderr, +@@ -1036,7 +1038,7 @@ + break; + #endif + default: +- usage (); ++ usage (E_USAGE); + } + anyflag = true; + } +@@ -1092,14 +1094,14 @@ + } + + if (optind != argc - 1) { +- usage (); ++ usage (E_USAGE); + } + + if (aflg && (!Gflg)) { + fprintf (stderr, + _("%s: %s flag is only allowed with the %s flag\n"), + Prog, "-a", "-G"); +- usage (); ++ usage (E_USAGE); + exit (E_USAGE); + } + +@@ -1107,7 +1109,7 @@ + fprintf (stderr, + _("%s: the -L, -p, and -U flags are exclusive\n"), + Prog); +- usage (); ++ usage (E_USAGE); + exit (E_USAGE); + } + +@@ -1115,7 +1117,7 @@ + fprintf (stderr, + _("%s: %s flag is only allowed with the %s flag\n"), + Prog, "-o", "-u"); +- usage (); ++ usage (E_USAGE); + exit (E_USAGE); + } + +@@ -1123,7 +1125,7 @@ + fprintf (stderr, + _("%s: %s flag is only allowed with the %s flag\n"), + Prog, "-m", "-d"); +- usage (); ++ usage (E_USAGE); + exit (E_USAGE); + } + +Index: src/chgpasswd.c +=================================================================== +--- src/chgpasswd.c (revision 3054) ++++ src/chgpasswd.c (revision 3055) +@@ -78,7 +78,7 @@ + + /* local function prototypes */ + static void fail_exit (int code); +-static void usage (void); ++static void usage (int status); + static void process_flags (int argc, char **argv); + static void check_flags (void); + static void check_perms (void); +@@ -114,9 +114,10 @@ + /* + * usage - display usage message and exit + */ +-static void usage (void) ++static void usage (int status) + { +- fprintf (stderr, _("Usage: %s [options]\n" ++ fprintf (status ? stderr : stdout, ++ _("Usage: %s [options]\n" + "\n" + "Options:\n" + " -c, --crypt-method the crypt method (one of %s)\n" +@@ -135,7 +136,7 @@ + " crypt algorithms\n") + #endif + ); +- exit (E_USAGE); ++ exit (status); + } + + /* +@@ -174,7 +175,7 @@ + eflg = true; + break; + case 'h': +- usage (); ++ usage (E_SUCCESS); + break; + case 'm': + md5flg = true; +@@ -186,12 +187,12 @@ + fprintf (stderr, + _("%s: invalid numeric argument '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + break; + #endif + default: +- usage (); ++ usage (E_USAGE); + break; + } + } +@@ -212,7 +213,7 @@ + fprintf (stderr, + _("%s: %s flag is only allowed with the %s flag\n"), + Prog, "-s", "-c"); +- usage (); ++ usage (E_USAGE); + } + #endif + +@@ -221,7 +222,7 @@ + fprintf (stderr, + _("%s: the -c, -e, and -m flags are exclusive\n"), + Prog); +- usage (); ++ usage (E_USAGE); + } + + if (cflg) { +@@ -236,7 +237,7 @@ + fprintf (stderr, + _("%s: unsupported crypt method: %s\n"), + Prog, crypt_method); +- usage (); ++ usage (E_USAGE); + } + } + } +Index: src/vipw.c +=================================================================== +--- src/vipw.c (revision 3054) ++++ src/vipw.c (revision 3055) +@@ -1,7 +1,7 @@ + /* + vipw, vigr edit the password or group file + with -s will edit shadow or gshadow file +- ++ + Copyright (c) 1997 , Guy Maor + Copyright (c) 1999 - 2000, Marek Michałkiewicz + Copyright (c) 2002 - 2006, Tomasz Kłoczko +@@ -29,8 +29,8 @@ + + #include + #include +-#ifdef WITH_SELINUX +-#include ++#ifdef WITH_SELINUX ++#include + #endif + #include + #include +@@ -64,7 +64,7 @@ + static bool quiet = false; + + /* local function prototypes */ +-static void usage (void); ++static void usage (int status); + static int create_backup_file (FILE *, const char *, struct stat *); + static void vipwexit (const char *msg, int syserr, int ret); + static void vipwedit (const char *, int (*)(void), int (*)(void)); +@@ -72,9 +72,9 @@ + /* + * usage - display usage message and exit + */ +-static void usage (void) ++static void usage (int status) + { +- (void) ++ (void) + fputs (_("Usage: vipw [options]\n" + "\n" + "Options:\n" +@@ -83,8 +83,8 @@ + " -p, --passwd edit passwd database\n" + " -q, --quiet quiet mode\n" + " -s, --shadow edit shadow or gshadow database\n" +- "\n"), stderr); +- exit (E_USAGE); ++ "\n"), status ? stderr : stdout); ++ exit (status); + } + + /* +@@ -285,8 +285,8 @@ + if (st1.st_mtime == st2.st_mtime) { + vipwexit (0, 0, 0); + } +-#ifdef WITH_SELINUX +- /* unset the fscreatecon */ ++#ifdef WITH_SELINUX ++ /* unset the fscreatecon */ + if (is_selinux_enabled ()) { + if (setfscreatecon (NULL)) { + vipwexit (_("setfscreatecon () failed"), errno, 1); +@@ -353,7 +353,7 @@ + do_vipw = false; + break; + case 'h': +- usage (); ++ usage (E_SUCCESS); + break; + case 'p': + do_vipw = true; +@@ -365,7 +365,7 @@ + editshadow = true; + break; + default: +- usage (); ++ usage (E_USAGE); + } + } + } +Index: src/useradd.c +=================================================================== +--- src/useradd.c (revision 3054) ++++ src/useradd.c (revision 3055) +@@ -179,7 +179,7 @@ + static void show_defaults (void); + static int set_defaults (void); + static int get_groups (char *); +-static void usage (void); ++static void usage (int status); + static void new_pwent (struct passwd *); + #ifdef WITH_SELINUX + static void selinux_update_mapping (void); +@@ -681,45 +681,46 @@ + /* + * usage - display usage message and exit + */ +-static void usage (void) ++static void usage (int status) + { +- (void) fprintf (stderr, ++ FILE *usageout = status ? stderr : stdout; ++ (void) fprintf (usageout, + _("Usage: %s [options] LOGIN\n" + "\n" + "Options:\n"), + Prog); + (void) fputs (_(" -b, --base-dir BASE_DIR base directory for the home directory of the\n" +- " new account\n"), stderr); +- (void) fputs (_(" -c, --comment COMMENT GECOS field of the new account\n"), stderr); +- (void) fputs (_(" -d, --home-dir HOME_DIR home directory of the new account\n"), stderr); +- (void) fputs (_(" -D, --defaults print or change default useradd configuration\n"), stderr); +- (void) fputs (_(" -e, --expiredate EXPIRE_DATE expiration date of the new account\n"), stderr); +- (void) fputs (_(" -f, --inactive INACTIVE password inactivity period of the new account\n"), stderr); ++ " new account\n"), usageout); ++ (void) fputs (_(" -c, --comment COMMENT GECOS field of the new account\n"), usageout); ++ (void) fputs (_(" -d, --home-dir HOME_DIR home directory of the new account\n"), usageout); ++ (void) fputs (_(" -D, --defaults print or change default useradd configuration\n"), usageout); ++ (void) fputs (_(" -e, --expiredate EXPIRE_DATE expiration date of the new account\n"), usageout); ++ (void) fputs (_(" -f, --inactive INACTIVE password inactivity period of the new account\n"), usageout); + (void) fputs (_(" -g, --gid GROUP name or ID of the primary group of the new\n" +- " account\n"), stderr); ++ " account\n"), usageout); + (void) fputs (_(" -G, --groups GROUPS list of supplementary groups of the new\n" +- " account\n"), stderr); +- (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); +- (void) fputs (_(" -k, --skel SKEL_DIR use this alternative skeleton directory\n"), stderr); +- (void) fputs (_(" -K, --key KEY=VALUE override /etc/login.defs defaults\n"), stderr); ++ " account\n"), usageout); ++ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout); ++ (void) fputs (_(" -k, --skel SKEL_DIR use this alternative skeleton directory\n"), usageout); ++ (void) fputs (_(" -K, --key KEY=VALUE override /etc/login.defs defaults\n"), usageout); + (void) fputs (_(" -l, --no-log-init do not add the user to the lastlog and\n" +- " faillog databases\n"), stderr); +- (void) fputs (_(" -m, --create-home create the user's home directory\n"), stderr); +- (void) fputs (_(" -M, --no-create-home do not create the user's home directory\n"), stderr); ++ " faillog databases\n"), usageout); ++ (void) fputs (_(" -m, --create-home create the user's home directory\n"), usageout); ++ (void) fputs (_(" -M, --no-create-home do not create the user's home directory\n"), usageout); + (void) fputs (_(" -N, --no-user-group do not create a group with the same name as\n" +- " the user\n"), stderr); ++ " the user\n"), usageout); + (void) fputs (_(" -o, --non-unique allow to create users with duplicate\n" +- " (non-unique) UID\n"), stderr); +- (void) fputs (_(" -p, --password PASSWORD encrypted password of the new account\n"), stderr); +- (void) fputs (_(" -r, --system create a system account\n"), stderr); +- (void) fputs (_(" -s, --shell SHELL login shell of the new account\n"), stderr); +- (void) fputs (_(" -u, --uid UID user ID of the new account\n"), stderr); +- (void) fputs (_(" -U, --user-group create a group with the same name as the user\n"), stderr); ++ " (non-unique) UID\n"), usageout); ++ (void) fputs (_(" -p, --password PASSWORD encrypted password of the new account\n"), usageout); ++ (void) fputs (_(" -r, --system create a system account\n"), usageout); ++ (void) fputs (_(" -s, --shell SHELL login shell of the new account\n"), usageout); ++ (void) fputs (_(" -u, --uid UID user ID of the new account\n"), usageout); ++ (void) fputs (_(" -U, --user-group create a group with the same name as the user\n"), usageout); + #ifdef WITH_SELINUX +- (void) fputs (_(" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping\n"), stderr); ++ (void) fputs (_(" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping\n"), usageout); + #endif +- (void) fputs ("\n", stderr); +- exit (E_USAGE); ++ (void) fputs ("\n", usageout); ++ exit (status); + } + + /* +@@ -989,9 +990,9 @@ + }; + while ((c = getopt_long (argc, argv, + #ifdef WITH_SELINUX +- "b:c:d:De:f:g:G:k:K:lmMNop:rs:u:UZ:", ++ "b:c:d:De:f:g:G:hk:K:lmMNop:rs:u:UZ:", + #else +- "b:c:d:De:f:g:G:k:K:lmMNop:rs:u:U", ++ "b:c:d:De:f:g:G:hk:K:lmMNop:rs:u:U", + #endif + long_options, NULL)) != -1) { + switch (c) { +@@ -1029,7 +1030,7 @@ + break; + case 'D': + if (anyflag) { +- usage (); ++ usage (E_USAGE); + } + Dflg = true; + break; +@@ -1066,7 +1067,7 @@ + fprintf (stderr, + _("%s: invalid numeric argument '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + /* + * -f -1 is allowed +@@ -1106,7 +1107,7 @@ + Gflg = true; + break; + case 'h': +- usage (); ++ usage (E_SUCCESS); + break; + case 'k': + def_template = optarg; +@@ -1201,7 +1202,7 @@ + break; + #endif + default: +- usage (); ++ usage (E_USAGE); + } + anyflag = true; + } +@@ -1220,31 +1221,31 @@ + fprintf (stderr, + _("%s: %s flag is only allowed with the %s flag\n"), + Prog, "-o", "-u"); +- usage (); ++ usage (E_USAGE); + } + if (kflg && !mflg) { + fprintf (stderr, + _("%s: %s flag is only allowed with the %s flag\n"), + Prog, "-k", "-m"); +- usage (); ++ usage (E_USAGE); + } + if (Uflg && gflg) { + fprintf (stderr, + _("%s: options %s and %s conflict\n"), + Prog, "-U", "-g"); +- usage (); ++ usage (E_USAGE); + } + if (Uflg && Nflg) { + fprintf (stderr, + _("%s: options %s and %s conflict\n"), + Prog, "-U", "-N"); +- usage (); ++ usage (E_USAGE); + } + if (mflg && Mflg) { + fprintf (stderr, + _("%s: options %s and %s conflict\n"), + Prog, "-m", "-M"); +- usage (); ++ usage (E_USAGE); + } + + /* +@@ -1253,15 +1254,15 @@ + */ + if (Dflg) { + if (optind != argc) { +- usage (); ++ usage (E_USAGE); + } + + if (uflg || oflg || Gflg || dflg || cflg || mflg) { +- usage (); ++ usage (E_USAGE); + } + } else { + if (optind != argc - 1) { +- usage (); ++ usage (E_USAGE); + } + + user_name = argv[optind]; +Index: src/su.c +=================================================================== +--- src/su.c (revision 3054) ++++ src/su.c (revision 3055) +@@ -323,7 +323,7 @@ + /* + * usage - print command line syntax and exit + */ +-static void usage (void) ++static void usage (int status) + { + fputs (_("Usage: su [options] [LOGIN]\n" + "\n" +@@ -335,8 +335,8 @@ + " --preserve-environment do not reset environment variables, and\n" + " keep the same shell\n" + " -s, --shell SHELL use SHELL instead of the default in passwd\n" +- "\n"), stderr); +- exit (E_USAGE); ++ "\n"), status ? stderr : stdout); ++ exit (status); + } + + /* +@@ -421,7 +421,7 @@ + command = optarg; + break; + case 'h': +- usage (); ++ usage (E_SUCCESS); + break; + case 'l': + fakelogin = true; +@@ -438,7 +438,7 @@ + shellstr = optarg; + break; + default: +- usage (); /* NOT REACHED */ ++ usage (E_USAGE); /* NOT REACHED */ + } + } + +Index: src/groupmod.c +=================================================================== +--- src/groupmod.c (revision 3054) ++++ src/groupmod.c (revision 3055) +@@ -93,7 +93,7 @@ + pflg = false; /* new encrypted password */ + + /* local function prototypes */ +-static void usage (void); ++static void usage (int status); + static void new_grent (struct group *); + + #ifdef SHADOWGRP +@@ -113,21 +113,22 @@ + * usage - display usage message and exit + */ + +-static void usage (void) ++static void usage (int status) + { +- (void) fprintf (stderr, ++ FILE *usageout = status ? stderr : stdout; ++ (void) fprintf (usageout, + _("Usage: %s [options] GROUP\n" + "\n" + "Options:\n"), + Prog); +- (void) fputs (_(" -g, --gid GID change the group ID to GID\n"), stderr); +- (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); +- (void) fputs (_(" -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"), stderr); +- (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), stderr); ++ (void) fputs (_(" -g, --gid GID change the group ID to GID\n"), usageout); ++ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout); ++ (void) fputs (_(" -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"), usageout); ++ (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), usageout); + (void) fputs (_(" -p, --password PASSWORD change the password to this (encrypted)\n" +- " PASSWORD\n"), stderr); +- (void) fputs ("\n", stderr); +- exit (E_USAGE); ++ " PASSWORD\n"), usageout); ++ (void) fputs ("\n", usageout); ++ exit (status); + } + + /* +@@ -362,6 +363,8 @@ + exit (E_BAD_ARG); + } + break; ++ case 'h': ++ usage (E_SUCCESS); + case 'n': + nflg = true; + group_newname = optarg; +@@ -374,16 +377,16 @@ + pflg = true; + break; + default: +- usage (); ++ usage (E_USAGE); + } + } + + if (oflg && !gflg) { +- usage (); ++ usage (E_USAGE); + } + + if (optind != (argc - 1)) { +- usage (); ++ usage (E_USAGE); + } + + group_name = argv[argc - 1]; +Index: src/passwd.c +=================================================================== +--- src/passwd.c (revision 3054) ++++ src/passwd.c (revision 3055) +@@ -180,7 +180,7 @@ + " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n" + " -x, --maxdays MAX_DAYS set maximum number of days before password\n" + " change to MAX_DAYS\n" +- "\n"), stderr); ++ "\n"), status ? stderr : stdout); + exit (status); + } + +@@ -811,7 +811,7 @@ + {NULL, 0, NULL, '\0'} + }; + +- while ((c = getopt_long (argc, argv, "adei:kln:qr:Suw:x:", ++ while ((c = getopt_long (argc, argv, "adehi:kln:qr:Suw:x:", + long_options, &option_index)) != -1) { + switch (c) { + case 'a': +@@ -897,6 +897,8 @@ + xflg = true; + anyflag = true; + break; ++ case 'h': ++ usage (E_SUCCESS); + default: + usage (E_BAD_ARG); + } +Index: src/groupadd.c +=================================================================== +--- src/groupadd.c (revision 3054) ++++ src/groupadd.c (revision 3055) +@@ -88,7 +88,7 @@ + #endif + + /* local function prototypes */ +-static void usage (void); ++static void usage (int status); + static void new_grent (struct group *grent); + + #ifdef SHADOWGRP +@@ -105,24 +105,25 @@ + /* + * usage - display usage message and exit + */ +-static void usage (void) ++static void usage (int status) + { +- (void) fprintf (stderr, ++ FILE *usageout = status ? stderr : stdout; ++ (void) fprintf (usageout, + _("Usage: %s [options] GROUP\n" + "\n" + "Options:\n"), + Prog); + (void) fputs (_(" -f, --force exit successfully if the group already exists,\n" +- " and cancel -g if the GID is already used\n"), stderr); +- (void) fputs (_(" -g, --gid GID use GID for the new group\n"), stderr); +- (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); +- (void) fputs (_(" -K, --key KEY=VALUE override /etc/login.defs defaults\n"), stderr); ++ " and cancel -g if the GID is already used\n"), usageout); ++ (void) fputs (_(" -g, --gid GID use GID for the new group\n"), usageout); ++ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout); ++ (void) fputs (_(" -K, --key KEY=VALUE override /etc/login.defs defaults\n"), usageout); + (void) fputs (_(" -o, --non-unique allow to create groups with duplicate\n" +- " (non-unique) GID\n"), stderr); +- (void) fputs (_(" -p, --password PASSWORD use this encrypted password for the new group\n"), stderr); +- (void) fputs (_(" -r, --system create a system account\n"), stderr); +- (void) fputs ("\n", stderr); +- exit (E_USAGE); ++ " (non-unique) GID\n"), usageout); ++ (void) fputs (_(" -p, --password PASSWORD use this encrypted password for the new group\n"), usageout); ++ (void) fputs (_(" -r, --system create a system account\n"), usageout); ++ (void) fputs ("\n", usageout); ++ exit (status); + } + + /* +@@ -412,7 +413,7 @@ + } + break; + case 'h': +- usage (); ++ usage (E_SUCCESS); + break; + case 'K': + /* +@@ -444,7 +445,7 @@ + rflg = true; + break; + default: +- usage (); ++ usage (E_USAGE); + } + } + +@@ -452,7 +453,7 @@ + * Check the flags consistency + */ + if (optind != argc - 1) { +- usage (); ++ usage (E_USAGE); + } + group_name = argv[optind]; + +@@ -468,7 +469,7 @@ + { + /* -o does not make sense without -g */ + if (oflg && !gflg) { +- usage (); ++ usage (E_USAGE); + } + + check_new_name (); +Index: src/chage.c +=================================================================== +--- src/chage.c (revision 3054) ++++ src/chage.c (revision 3055) +@@ -91,7 +91,7 @@ + + /* local function prototypes */ + static bool isnum (const char *s); +-static void usage (void); ++static void usage (int status); + static void date_to_str (char *buf, size_t maxsize, time_t date); + static int new_fields (void); + static void print_date (time_t date); +@@ -152,7 +152,7 @@ + /* + * usage - print command line syntax and exit + */ +-static void usage (void) ++static void usage (int status) + { + fputs (_("Usage: chage [options] [LOGIN]\n" + "\n" +@@ -168,8 +168,8 @@ + " -M, --maxdays MAX_DAYS set maximim number of days before password\n" + " change to MAX_DAYS\n" + " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n" +- "\n"), stderr); +- exit (E_USAGE); ++ "\n"), status ? stderr : stdout); ++ exit (status); + } + + static void date_to_str (char *buf, size_t maxsize, time_t date) +@@ -413,7 +413,7 @@ + fprintf (stderr, + _("%s: invalid date '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + break; + case 'E': +@@ -425,11 +425,11 @@ + fprintf (stderr, + _("%s: invalid date '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + break; + case 'h': +- usage (); ++ usage (E_SUCCESS); + break; + case 'I': + Iflg = true; +@@ -438,7 +438,7 @@ + fprintf (stderr, + _("%s: invalid numeric argument '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + break; + case 'l': +@@ -451,7 +451,7 @@ + fprintf (stderr, + _("%s: invalid numeric argument '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + break; + case 'M': +@@ -461,7 +461,7 @@ + fprintf (stderr, + _("%s: invalid numeric argument '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + break; + case 'W': +@@ -471,11 +471,11 @@ + fprintf (stderr, + _("%s: invalid numeric argument '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + break; + default: +- usage (); ++ usage (E_USAGE); + } + } + +@@ -495,14 +495,14 @@ + */ + + if (argc != opt_index + 1) { +- usage (); ++ usage (E_USAGE); + } + + if (lflg && (mflg || Mflg || dflg || Wflg || Iflg || Eflg)) { + fprintf (stderr, + _("%s: do not include \"l\" with other flags\n"), + Prog); +- usage (); ++ usage (E_USAGE); + } + } + +Index: src/faillog.c +=================================================================== +--- src/faillog.c (revision 3054) ++++ src/faillog.c (revision 3055) +@@ -47,6 +47,17 @@ + /*@-exitarg@*/ + #include "exitcodes.h" + ++/* local function prototypes */ ++static void usage (int status); ++static void print_one (/*@null@*/const struct passwd *pw, bool force); ++static void set_locktime (long locktime); ++static bool set_locktime_one (uid_t uid, long locktime); ++static void setmax (int max); ++static bool setmax_one (uid_t uid, int max); ++static void print (void); ++static bool reset_one (uid_t uid); ++static void reset (void); ++ + /* + * Global variables + */ +@@ -69,24 +80,25 @@ + + #define NOW (time((time_t *) 0)) + +-static void usage (void) ++static void usage (int status) + { +- (void) fprintf (stderr, ++ FILE *usageout = status ? stderr : stdout; ++ (void) fprintf (usageout, + _("Usage: %s [options]\n" + "\n" + "Options:\n"), + "faillog"); +- (void) fputs (_(" -a, --all display faillog records for all users\n"), stderr); +- (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); +- (void) fputs (_(" -l, --lock-time SEC after failed login lock account for SEC seconds\n"), stderr); +- (void) fputs (_(" -m, --maximum MAX set maximum failed login counters to MAX\n"), stderr); +- (void) fputs (_(" -r, --reset reset the counters of login failures\n"), stderr); +- (void) fputs (_(" -t, --time DAYS display faillog records more recent than DAYS\n"), stderr); ++ (void) fputs (_(" -a, --all display faillog records for all users\n"), usageout); ++ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout); ++ (void) fputs (_(" -l, --lock-time SEC after failed login lock account for SEC seconds\n"), usageout); ++ (void) fputs (_(" -m, --maximum MAX set maximum failed login counters to MAX\n"), usageout); ++ (void) fputs (_(" -r, --reset reset the counters of login failures\n"), usageout); ++ (void) fputs (_(" -t, --time DAYS display faillog records more recent than DAYS\n"), usageout); + (void) fputs (_(" -u, --user LOGIN/RANGE display faillog record or maintains failure\n" + " counters and limits (if used with -r, -m,\n" +- " or -l) only for the specified LOGIN(s)\n"), stderr); +- (void) fputs ("\n", stderr); +- exit (E_USAGE); ++ " or -l) only for the specified LOGIN(s)\n"), usageout); ++ (void) fputs ("\n", usageout); ++ exit (status); + } + + static void print_one (/*@null@*/const struct passwd *pw, bool force) +@@ -495,7 +507,7 @@ + aflg = true; + break; + case 'h': +- usage (); ++ usage (E_SUCCESS); + break; + case 'l': + if (getlong (optarg, &fail_locktime) == 0) { +@@ -561,16 +573,16 @@ + break; + } + default: +- usage (); ++ usage (E_USAGE); + } + } + } + + if (aflg && uflg) { +- usage (); ++ usage (E_USAGE); + } + if (tflg && (lflg || mflg || rflg)) { +- usage (); ++ usage (E_USAGE); + } + + /* Open the faillog database */ +Index: src/chsh.c +=================================================================== +--- src/chsh.c (revision 3054) ++++ src/chsh.c (revision 3055) +@@ -72,7 +72,7 @@ + + /* local function prototypes */ + static void fail_exit (int code); +-static void usage (void); ++static void usage (int status); + static void new_fields (void); + static bool shell_is_listed (const char *); + static bool is_restricted_shell (const char *); +@@ -101,15 +101,15 @@ + /* + * usage - print command line syntax and exit + */ +-static void usage (void) ++static void usage (int status) + { + fputs (_("Usage: chsh [options] [LOGIN]\n" + "\n" + "Options:\n" + " -h, --help display this help message and exit\n" + " -s, --shell SHELL new login shell for the user account\n" +- "\n"), stderr); +- exit (E_USAGE); ++ "\n"), status ? stderr : stdout); ++ exit (status); + } + + /* +@@ -217,14 +217,14 @@ + &option_index)) != -1) { + switch (c) { + case 'h': +- usage (); ++ usage (E_SUCCESS); + break; + case 's': + sflg = true; + STRFCPY (loginsh, optarg); + break; + default: +- usage (); ++ usage (E_USAGE); + } + } + +@@ -233,7 +233,7 @@ + * be the user's name. + */ + if (argc > (optind + 1)) { +- usage (); ++ usage (E_USAGE); + } + } + +Index: man/groupmems.8.xml +=================================================================== +--- man/groupmems.8.xml (revision 3054) ++++ man/groupmems.8.xml (revision 3055) +@@ -114,6 +114,12 @@ + + + ++ , ++ ++ Display help message and exit. ++ ++ ++ + , + + List the group membership list. +Index: man/gpasswd.1.xml +=================================================================== +--- man/gpasswd.1.xml (revision 3054) ++++ man/gpasswd.1.xml (revision 3055) +@@ -1,7 +1,7 @@ + + Check and explicitly care for this! */ ++@@ -1803,6 +1806,7 @@ ++ deltax = ppoints[i].x - ppoints[numppoints-1].x; ++ deltay = ppoints[i].y - ppoints[numppoints-1].y; ++ +++ if (ppoints == NULL || numppoints <= i + 1) Error0i("DoClosePath: No previous point!"); ++ /* save nummppoints and reset to move point */ ++ tmpind = numppoints; ++ numppoints = i + 1; ++@@ -1905,7 +1909,7 @@ ++ FindStems( currx, curry, 0, 0, dx, dy); ++ } ++ else { ++- if (ppoints == NULL) Error0i("RMoveTo: No previous point!\n"); +++ if (ppoints == NULL || numppoints < 2) Error0i("RMoveTo: No previous point!\n"); ++ FindStems( currx, curry, ppoints[numppoints-2].x, ppoints[numppoints-2].y, dx, dy); ++ } ++ ++@@ -2155,6 +2159,7 @@ ++ DOUBLE cx, cy; ++ DOUBLE ex, ey; ++ +++ if (ppoints == NULL || numppoints < 8) Error0v("FlxProc: No previous point!"); ++ ++ /* Our PPOINT list now contains 7 moveto commands which ++ are about to be consumed by the Flex mechanism. --> Remove these ++@@ -2324,6 +2329,7 @@ ++ /* Returns currentpoint on stack */ ++ static void FlxProc2() ++ { +++ if (ppoints == NULL || numppoints < 1) Error0v("FlxProc2: No previous point!"); ++ /* Push CurrentPoint on fake PostScript stack */ ++ PSFakePush( ppoints[numppoints-1].x); ++ PSFakePush( ppoints[numppoints-1].y); +--- t1lib-5.1.2.orig/debian/patches/format-security.diff ++++ t1lib-5.1.2/debian/patches/format-security.diff +@@ -0,0 +1,33 @@ ++--- a/lib/type1/objects.c +++++ b/lib/type1/objects.c ++@@ -957,7 +957,7 @@ ++ ++ sprintf(typemsg, "Wrong object type in %s; expected %s, found %s.\n", ++ name, TypeFmt(expect), TypeFmt(obj->type)); ++- IfTrace0(TRUE,typemsg); +++ IfTrace1(TRUE, "%s", typemsg); ++ ++ ObjectPostMortem(obj); ++ ++--- a/lib/t1lib/t1subset.c +++++ b/lib/t1lib/t1subset.c ++@@ -759,7 +759,7 @@ ++ tr_len); ++ T1_PrintLog( "T1_SubsetFont()", err_warn_msg_buf, ++ T1LOG_DEBUG); ++- l+=sprintf( &(trailerbuf[l]), linebuf); /* contains the PostScript trailer */ +++ l+=sprintf( &(trailerbuf[l]), "%s", linebuf); /* contains the PostScript trailer */ ++ } ++ ++ /* compute size of output file */ ++--- a/lib/type1/objects.h +++++ b/lib/type1/objects.h ++@@ -214,7 +214,7 @@ ++ /*SHARED*/ ++ /* NDW: personally, I want to see status and error messages! */ ++ #define IfTrace0(condition,model) \ ++- {if (condition) printf(model);} +++ {if (condition) fputs(model,stdout);} ++ #define IfTrace1(condition,model,arg0) \ ++ {if (condition) printf(model,arg0);} ++ #define IfTrace2(condition,model,arg0,arg1) \ +--- t1lib-5.1.2.orig/debian/patches/series ++++ t1lib-5.1.2/debian/patches/series +@@ -0,0 +1,8 @@ ++no-docs.diff ++no-config.diff ++lib-cleanup.diff ++#segfault.diff ++format-security.diff ++CVE-2011-0764.diff ++CVE-2011-1552_1553_1554.patch ++CVE-2010-2642.patch +--- t1lib-5.1.2.orig/debian/man/FontDatabase.5 ++++ t1lib-5.1.2/debian/man/FontDatabase.5 +@@ -0,0 +1,77 @@ ++.TH FONTDATABASE 5 ++.SH NAME ++FontDataBase \- database of fonts accessible to t1lib. ++.SH DESCRIPTION ++This manual page has been written for the Debian GNU/Linux ++distribution. It has been adapted from the documentation included in ++the upstream ++.B t1lib ++distribution. ++.PP ++.B /etc/t1lib/FontDataBase ++is a text file which contains, minimally, the basenames of Type 1 font ++files to be made accessible to the ++.B t1lib ++font rasterizer library. The format is intentionally similar to that ++of the ++.B fonts.dir ++and ++.B fonts.scale ++files used by X11. ++.PP ++Line 1 of this file contains a positive integer specifying the number ++of fonts declared in that file. This is as in the ++.B fonts.dir ++files of the X11 system. ++.PP ++All remaining lines contain declarations of one font each. The only ++thing taken from such a line is the last string (delimited by white ++space) in it. It is assumed to be a filename of the format ++\fIbasename\fR.\fIsomeextension\fR. ++.PP ++The \fIbasename\fR part is assumed to be the ++.BR basename (1) ++of a fontfile. After the a string has been parsed, the ++.I extension ++is cut off and replaced in turn with ++.I .pfa ++and ++.I .pfb. ++The initialization routine tries to open a font file in ++its search path with one of the resulting filenames. ++.PP ++The remainder of the line, i.e., from beginning to the start of the ++filename string, is completely ignored and thus may contain ++information for other programs. ++.SH EXAMPLES ++Here is a minimal font database file for 4 fonts: ++.sp ++.nf ++4 ++isvl.afm ++isvli.afm ++isvd.afm ++isvdi.afm ++.fi ++.PP ++This file is \fIminimal\fR, because it contains just the information ++needed, and nothing not needed by the library. ++.PP ++Here is a more realistic example, which allows an application to match ++a fully qualified X11 fontname to a FontID in ++.B t1lib. ++This is also a valid font database file: ++.sp ++.nf ++4 ++Souvenir Souvenir-Light --- \-itc-souvenir-light-r-normal--#-0-0-0-p-0-iso8859-1 isvl.afm ++Souvenir Souvenir-LightItalic -*- \-itc-souvenir-light-i-normal--#-0-0-0-p-0-iso8859-1 isvli.afm ++ Souvenir-Demi *-- \-itc-souvenir-demi-r-normal--#-0-0-0-p-0-iso8859-1 isvd.afm ++ Souvenir-DemiItalic **- \-itc-souvenir-demi-i-normal--#-0-0-0-p-0-iso8859-1 isvdi.afm ++.fi ++.PP ++.SH FILES ++.I /etc/t1lib/FontDataBase ++.SH "SEE ALSO" ++.BR mkfontdir (1x) ++ +--- t1lib-5.1.2.orig/debian/man/t1libconfig.8 ++++ t1lib-5.1.2/debian/man/t1libconfig.8 +@@ -0,0 +1,57 @@ ++.TH T1LIBCONFIG 8 ++.SH NAME ++.B t1libconfig ++\- create the t1lib.config and FontDataBase files for t1lib ++.SH SYNOPSIS ++.B t1libconfig ++[ ++.BR \-v\fP, \fB\-\-version ++] ++[ ++.BR \-h\fP, \fB\-\-help ++] ++.B \-\-force ++] ++[ ++.B fontdirectory... ++] ++.SH DESCRIPTION ++.B t1libconfig ++scans a list of directories for Type 1 fonts and font metric files, ++and generates a configuration file and font database file for the ++.B t1lib ++rasterizer library accordingly. By default, it looks in all ++subdirectories of /usr/X11R6/lib/X11/fonts, and in ++/usr/lib/ghostscript. Extra directories to search may be specified on ++the command line. The ++.B t1libconfig ++script tries not to scan the same directory twice (this is, however, ++not foolproof, since /usr/X11R6/lib/X11/fonts and /usr/lib/X11/fonts ++typically point to the same directory on GNU/Linux systems). ++.SH OPTIONS ++.TP ++.BR \-v\fP, \fB\-\-version ++Print the version of ++.B t1libconfig ++and exit. ++.TP ++.BR \-h\fP, \fB\-\-help ++Print help about usage and exit. ++.TP ++.B \-\-force ++Force the generation of new configuration files even if these files ++already exist on the system. ++.SH FILES ++.TP 25 ++.B /etc/t1lib/t1lib.config ++Contains configuration information for t1lib, including ++colon-separated lists of paths to Type 1 font files and font metrics ++files, and the location of the default font database file ++.TP 25 ++.B /etc/t1lib/FontDataBase ++Contains a list of the names of Type 1 font files to be used by t1lib. ++.SH AUTHOR ++David Huggins-Daines ++.SH SEE ALSO ++.BR FontDataBase (5) ++ +--- t1lib-5.1.2.orig/debian/man/xglyph.1 ++++ t1lib-5.1.2/debian/man/xglyph.1 +@@ -0,0 +1,111 @@ ++.TH XGLYPH 1 ++.SH NAME ++xglyph \- demonstration program for the t1lib font rasterizer library. ++.SH SYNOPSIS ++.B xglyph ++[ ++.B fontfile... ++] ++.SH "DESCRIPTION" ++This manual page documents briefly the ++.BR xglyph ++program. ++This manual page was written for the Debian GNU/Linux distribution ++because the original program does not have a manual page. ++.PP ++.B xglyph ++is a program which demonstrates the capabilities of the ++.B t1lib ++library. It allows the user to view an arbitrary character or string ++rendered in the various ways pgossible with the library. By default, ++it writes a log file named \fIt1lib.log\fR in the current directory. ++.PP ++If invoked with no arguments, it will attempt to read the global ++configuration file and font database. It will also accept any number ++of filenames on the command line, in which case these are treated as ++font files to be loaded instead of the default font database. ++.SH "OPTIONS" ++.TP ++.BR \-\-help ++Shows a brief help text ++.TP ++.BR \-\-Help ++Shows a description of all options ++.TP ++.BR \-\-noGrid ++Don't draw grid lines when displaying glyphs ++.TP ++.BR \-\-setPad ++Set bitmap padding ++.TP ++.BR \-\-logError ++Log errors only ++.TP ++.BR \-\-logWarning ++Log errors and warnings ++.TP ++.BR \-\-logStatistic ++Log errors, warnings, and statistics ++.TP ++.BR \-\-logDebug ++Log just about everything ++.TP ++.BR \-\-ignoreForceBold ++Don't make pseudo-boldface glyphs ++.TP ++.BR \-\-ignoreFamilyAlignment ++.TP ++.BR \-\-ignoreHinting ++Ignore hints when scaling glyphs ++.TP ++.BR \-\-debugLine ++Show debugging info for line-drawing ++operations in the rasterizer ++.TP ++.BR \-\-debugRegion ++Show debugging info for region operations in ++the rasterizer ++.TP ++.BR \-\-debugPath ++Show debugging info for path operations in the ++rasterizer ++.TP ++.BR \-\-debugFont ++.TP ++.BR \-\-debugHint ++Show debugging info for hinting in the rasterizer. ++.TP ++.BR \-\-checkPerformance ++Do some simple performance tests while rasterizing. ++.TP ++.BR \-\-checkCopyFont ++Check that copying fonts works. ++.TP ++.BR \-\-checkConcatGlyphs ++Check that concatenating glyphs works. ++.TP ++.BR \-\-checkBadCharHandling ++.TP ++.BR \-\-checkDefaultEncoding ++Set a default encoding vector. ++.SH "ENVIRONMENT" ++In the Debian GNU/Linux version of this program, the environment ++variable ++.B T1LIB_CONFIG, ++if set, points to an alternate configuration ++file with which to initialize the library. ++.SH "SEE ALSO" ++.BR FontDataBase (5), ++.BR t1libconfig (8). ++.PP ++.B xglyph ++is much more fully documented in the LaTeX documentation that ++accompanies the upstream ++.B t1lib ++distribution. This documentation is installed in PostScript and source ++formats with the t1lib-dev package in /usr/share/doc/t1lib-dev, and is ++also accessible through the dwww system. ++.SH AUTHOR ++This manual page was written by David Huggins-Daines ++, for the Debian GNU/Linux system (but may ++be used by others). +--- t1lib-5.1.2.orig/debian/man/type1afm.1 ++++ t1lib-5.1.2/debian/man/type1afm.1 +@@ -0,0 +1,34 @@ ++.TH TYPE1AFM 1 ++.SH NAME ++.B type1afm ++\- create a font metrics file from a Type 1 font file ++.SH SYNOPSIS ++.B type1afm ++[ ++.BR \-l ++] ++.B fontfile ++[ ++.B fontfile... ++] ++.SH DESCRIPTION ++This manual page was written for the Debian GNU/Linux distribution ++because the original program does not have a manual page. ++.PP ++.B type1afm ++reads in Type 1 font files specified on the command line, rasterizes ++them to 1000bp, and writes AFM (font metrics) files based on the ++observed metrics information. ++.PP ++The AFM file is created in the same directory as the font file, so be ++sure that you have write access there before running this program. ++.SH OPTIONS ++.TP ++.BR \-l ++Write a log file ++.SH SEE ALSO ++.BR getafm (1) ++.SH AUTHOR ++This manual page was David Huggins-Daines ++for the Debian GNU/Linux distribution (but may be used by others) ++ diff --git a/patches/source/vsftpd/doinst.sh b/patches/source/vsftpd/doinst.sh new file mode 100644 index 00000000..f915774f --- /dev/null +++ b/patches/source/vsftpd/doinst.sh @@ -0,0 +1,15 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/vsftpd.conf.new +config etc/logrotate.d/vsftpd.new +rm -f etc/logrotate.d/vsftpd.new + diff --git a/patches/source/vsftpd/slack-desc b/patches/source/vsftpd/slack-desc new file mode 100644 index 00000000..82b9f521 --- /dev/null +++ b/patches/source/vsftpd/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +vsftpd: vsftpd (Very Secure FTP Daemon) +vsftpd: +vsftpd: vsftpd is an FTP server, or daemon. The 'vs' stands for Very Secure. +vsftpd: Obviously this is not a guarantee, but a reflection that the entire +vsftpd: codebase was written with security in mind, and carefully designed to +vsftpd: be resilient to attack (as well as extremely fast and scalable). +vsftpd: +vsftpd: The vsftpd homepage is http://vsftpd.beasts.org/ +vsftpd: +vsftpd: The Very Secure FTP Daemon was written by Chris Evans. +vsftpd: diff --git a/patches/source/vsftpd/vsftpd.SlackBuild b/patches/source/vsftpd/vsftpd.SlackBuild new file mode 100755 index 00000000..96d8dfbb --- /dev/null +++ b/patches/source/vsftpd/vsftpd.SlackBuild @@ -0,0 +1,106 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=vsftpd +VERSION=${VERSION:-$(echo ${PKGNAM}-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-vsftpd + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP || exit 1 +rm -rf vsftpd-$VERSION +tar xvf $CWD/vsftpd-$VERSION.tar.gz || exit 1 +cd vsftpd-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/vsftpd.builddefs.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/vsftpd.conf.diff.gz | patch -p1 --verbose || exit 1 + +make $NUMJOBS || make || exit 1 + +mkdir -p $PKG/usr/sbin +cp vsftpd $PKG/usr/sbin +chmod 755 $PKG/usr/sbin/vsftpd +strip --strip-unneeded $PKG/usr/sbin/vsftpd + +mkdir -p $PKG/usr/man/man{5,8} +cat vsftpd.conf.5 | gzip -9c > $PKG/usr/man/man5/vsftpd.conf.5.gz +cat vsftpd.8 | gzip -9c > $PKG/usr/man/man8/vsftpd.8.gz + +mkdir -p $PKG/etc +cat vsftpd.conf > $PKG/etc/vsftpd.conf.new + +mkdir -p $PKG/etc/logrotate.d +zcat $CWD/vsftpd.log.gz > $PKG/etc/logrotate.d/vsftpd.new + +mkdir -p $PKG/usr/share/empty +mkdir -p $PKG/home/ftp + +mkdir -p $PKG/usr/doc/vsftpd-$VERSION +cp -a \ + AUDIT BENCHMARKS BUGS COPYING* COPYRIGHT EXAMPLE FAQ \ + INSTALL LICENSE README* REFS REWARD SECURITY SIZE SPEED TODO TUNING \ + $PKG/usr/doc/vsftpd-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r Changelog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat Changelog | head -n 1000 > $DOCSDIR/Changelog + touch -r Changelog $DOCSDIR/Changelog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/vsftpd-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/vsftpd/vsftpd.builddefs.diff b/patches/source/vsftpd/vsftpd.builddefs.diff new file mode 100644 index 00000000..ea908139 --- /dev/null +++ b/patches/source/vsftpd/vsftpd.builddefs.diff @@ -0,0 +1,15 @@ +--- ./builddefs.h.orig 2004-07-02 07:36:59.000000000 -0700 ++++ ./builddefs.h 2004-09-03 11:25:13.000000000 -0700 +@@ -1,9 +1,9 @@ + #ifndef VSF_BUILDDEFS_H + #define VSF_BUILDDEFS_H + +-#undef VSF_BUILD_TCPWRAPPERS +-#define VSF_BUILD_PAM +-#undef VSF_BUILD_SSL ++#define VSF_BUILD_TCPWRAPPERS ++#undef VSF_BUILD_PAM ++#define VSF_BUILD_SSL + + #endif /* VSF_BUILDDEFS_H */ + diff --git a/patches/source/vsftpd/vsftpd.conf.diff b/patches/source/vsftpd/vsftpd.conf.diff new file mode 100644 index 00000000..1f410a7a --- /dev/null +++ b/patches/source/vsftpd/vsftpd.conf.diff @@ -0,0 +1,45 @@ +diff -Nur vsftpd-2.2.1.orig/vsftpd.conf vsftpd-2.2.1/vsftpd.conf +--- vsftpd-2.2.1.orig/vsftpd.conf 2009-10-18 21:04:23.000000000 -0500 ++++ vsftpd-2.2.1/vsftpd.conf 2009-10-19 10:22:16.609407947 -0500 +@@ -19,7 +19,7 @@ + # + # Default umask for local users is 077. You may wish to change this to 022, + # if your users expect that (022 is used by most other ftpd's) +-#local_umask=022 ++local_umask=022 + # + # Uncomment this to allow the anonymous FTP user to upload files. This only + # has an effect if the above global write enable is activated. Also, you will +@@ -48,11 +48,11 @@ + # + # You may override where the log file goes if you like. The default is shown + # below. +-#xferlog_file=/var/log/vsftpd.log ++xferlog_file=/var/log/vsftpd.log + # + # If you want, you can have your log file in standard ftpd xferlog format. + # Note that the default log file location is /var/log/xferlog in this case. +-#xferlog_std_format=YES ++xferlog_std_format=YES + # + # You may change the default value for timing out an idle session. + #idle_session_timeout=600 +@@ -101,12 +101,13 @@ + # default to avoid remote users being able to cause excessive I/O on large + # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume + # the presence of the "-R" option, so there is a strong case for enabling it. +-#ls_recurse_enable=YES ++ls_recurse_enable=YES + # +-# When "listen" directive is enabled, vsftpd runs in standalone mode and +-# listens on IPv4 sockets. This directive cannot be used in conjunction +-# with the listen_ipv6 directive. +-listen=YES ++# When "listen" directive is enabled, vsftpd runs in standalone mode (rather ++# than from inetd) and listens on IPv4 sockets. To use vsftpd in standalone ++# mode rather than with inetd, change the line below to 'listen=YES' ++# This directive cannot be used in conjunction with the listen_ipv6 directive. ++listen=NO + # + # This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6 + # sockets, you must run two copies of vsftpd with two configuration files. diff --git a/patches/source/vsftpd/vsftpd.log b/patches/source/vsftpd/vsftpd.log new file mode 100644 index 00000000..d338de81 --- /dev/null +++ b/patches/source/vsftpd/vsftpd.log @@ -0,0 +1,5 @@ +/var/log/vsftpd.log { + # ftpd doesn't handle SIGHUP properly + nocompress + missingok +} diff --git a/patches/source/wget/doinst.sh b/patches/source/wget/doinst.sh new file mode 100644 index 00000000..dd81eb50 --- /dev/null +++ b/patches/source/wget/doinst.sh @@ -0,0 +1,14 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/wgetrc.new + diff --git a/patches/source/wget/slack-desc b/patches/source/wget/slack-desc new file mode 100644 index 00000000..d023ea37 --- /dev/null +++ b/patches/source/wget/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +wget: wget (a non-interactive network retriever) +wget: +wget: GNU Wget is a free network utility to retrieve files from the +wget: World Wide Web using HTTP and FTP, the two most widely used Internet +wget: protocols. It works non-interactively, thus enabling work in the +wget: background after having logged off. +wget: +wget: The author of Wget is Hrvoje Niksic . +wget: +wget: +wget: diff --git a/patches/source/wget/wget.SlackBuild b/patches/source/wget/wget.SlackBuild new file mode 100755 index 00000000..2f4fbd82 --- /dev/null +++ b/patches/source/wget/wget.SlackBuild @@ -0,0 +1,109 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2012, 2013, 2014, 2015 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo wget-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-wget + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf wget-$VERSION +tar xvf $CWD/wget-$VERSION.tar.?z || exit 1 +cd wget-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --docdir=/usr/doc/wget-$VERSION \ + --with-ssl=openssl \ + --build=${ARCH}-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +mv $PKG/etc/wgetrc $PKG/etc/wgetrc.new + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +rm -f $PKG/usr/info/dir +gzip -9 $PKG/usr/info/* $PKG/usr/man/man?/* + +mkdir -p $PKG/usr/doc/wget-$VERSION +cp -a \ + AUTHORS COPYING* MAILING-LIST NEWS PATCHES README* TODO \ + $PKG/usr/doc/wget-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/wget-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/wicd/README.SLACKWARE b/patches/source/wicd/README.SLACKWARE new file mode 100644 index 00000000..e7a374dc --- /dev/null +++ b/patches/source/wicd/README.SLACKWARE @@ -0,0 +1,17 @@ +After installing this package, make sure the /etc/rc.d/rc.wicd +script is executable; if necessary, do: + chmod +x /etc/rc.d/rc.wicd + +Results have varied, but you will probably need/want to remove +any references to interfaces from /etc/rc.d/rc.inet1.conf - in +other words, make that file look as if netconfig has never been +run. + +When you start X, you should see a wicd icon in the system tray; +click on it to open the gui interface and configure as desired. +Your user account will need to be a member of the 'netdev' group +in order to use wicd. + +Note that urwid will need to be installed if you want to use the +curses client. Also, if you don't have kde installed, you won't +have a graphical sudo client available. diff --git a/patches/source/wicd/doinst.sh b/patches/source/wicd/doinst.sh new file mode 100644 index 00000000..78732c5b --- /dev/null +++ b/patches/source/wicd/doinst.sh @@ -0,0 +1,37 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +# Keep same perms on rc.wicd.new: +if [ -e etc/rc.d/rc.wicd ]; then + cp -a etc/rc.d/rc.wicd etc/rc.d/rc.wicd.new.incoming + cat etc/rc.d/rc.wicd.new > etc/rc.d/rc.wicd.new.incoming + mv etc/rc.d/rc.wicd.new.incoming etc/rc.d/rc.wicd.new +fi + +# Update desktop menu +if [ -x /usr/bin/update-desktop-database ]; then + /usr/bin/update-desktop-database -q usr/share/applications >/dev/null 2>&1 +fi + +# Update icon cache if one exists +if [ -r usr/share/icons/hicolor/icon-theme.cache ]; then + if [ -x /usr/bin/gtk-update-icon-cache ]; then + /usr/bin/gtk-update-icon-cache -t -f usr/share/icons/hicolor >/dev/null 2>&1 + fi +fi + +config etc/dbus-1/system.d/wicd.conf.new +config etc/rc.d/rc.wicd.new +config etc/wicd/manager-settings.conf.new +config etc/logrotate.d/wicd.logrotate.new + diff --git a/patches/source/wicd/slack-desc b/patches/source/wicd/slack-desc new file mode 100644 index 00000000..47cf875f --- /dev/null +++ b/patches/source/wicd/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler-------------------------------------------------------| +wicd: wicd (network manager for linux) +wicd: +wicd: wicd is a wired and wireless network manager for Linux. +wicd: Some features include: +wicd: - Ability to connect to wired and wireless networks +wicd: - Profiles for each wireless network and wired network +wicd: - Many encryption schemes, some of which include WEP/WPA/WPA2 +wicd: - Compatible with wireless-tools +wicd: +wicd: Homepage: http://wicd.net +wicd: diff --git a/patches/source/wicd/wicd-1.7.2.4.sanitize.string.bugfix.diff b/patches/source/wicd/wicd-1.7.2.4.sanitize.string.bugfix.diff new file mode 100644 index 00000000..4be44631 --- /dev/null +++ b/patches/source/wicd/wicd-1.7.2.4.sanitize.string.bugfix.diff @@ -0,0 +1,11 @@ +--- ./wicd/misc.py.orig 2012-04-30 14:20:09.000000000 -0500 ++++ ./wicd/misc.py 2012-05-09 14:08:24.611298308 -0500 +@@ -430,7 +430,7 @@ + """ Sanitize property names to be used in config-files. """ + allowed = string.ascii_letters + '_' + string.digits + table = string.maketrans(allowed, ' ' * len(allowed)) +- return s.translate(None, table) ++ return s.encode('ascii', 'replace').translate(None, table) + + def sanitize_escaped(s): + """ Sanitize double-escaped unicode strings. """ diff --git a/patches/source/wicd/wicd.SlackBuild b/patches/source/wicd/wicd.SlackBuild new file mode 100755 index 00000000..b6e765a2 --- /dev/null +++ b/patches/source/wicd/wicd.SlackBuild @@ -0,0 +1,100 @@ +#!/bin/sh + +# Copyright 2008,2009,2010,2011,2012 Robby Workman Northport, AL, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PRGNAM=wicd +VERSION=${VERSION:-1.7.2.4} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine architecture for build & packaging: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PRGNAM + +if [ "$ARCH" = "i486" ]; then + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PRGNAM-$VERSION +tar xvf $CWD/$PRGNAM-$VERSION.tar.xz || exit 1 +cd $PRGNAM-$VERSION || exit 1 +chown -R root:root . + +zcat $CWD/wicd-1.7.2.4.sanitize.string.bugfix.diff.gz | patch -p1 --verbose || exit 1 + +python setup.py configure \ + --lib=/usr/lib${LIBDIRSUFFIX}/wicd \ + --kdedir=/usr/share/autostart \ + --backends=/usr/lib${LIBDIRSUFFIX}/wicd/backends \ + || exit 1 + +# Bypass the need for pybabel (thanks, dapal!) +for pofile in $(find po/ -type f -name "*.po") ; do + mkdir -p translations/$(basename ${pofile} .po)/LC_MESSAGES + msgfmt -o translations/$(basename ${pofile} .po)/LC_MESSAGES/wicd.mo ${pofile} +done + +python setup.py install --root=$PKG || exit 1 + +# Handle some Slackware defaults +# Use dhcpcd as the dhcp client +# Use kdesu as the graphical sudo application +cat << EOF > $PKG/etc/wicd/manager-settings.conf.new +[Settings] +dhcp_client = 2 +sudo_app = 2 +EOF + +# Don't clobber configs on upgrade +mv $PKG/etc/dbus-1/system.d/wicd.conf $PKG/etc/dbus-1/system.d/wicd.conf.new +mv $PKG/etc/logrotate.d/wicd.logrotate $PKG/etc/logrotate.d/wicd.logrotate.new +mv $PKG/etc/rc.d/rc.wicd $PKG/etc/rc.d/rc.wicd.new + +# Compress the man pages and add a bit to the package docs +( cd $PKG/usr/man || exit 1 + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done +) +cat $CWD/README.SLACKWARE > $PKG/usr/doc/$PRGNAM-$VERSION/README.SLACKWARE + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -c n -l y $TMP/$PRGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/patches/source/xcb-proto/arch.use.flags b/patches/source/xcb-proto/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/xcb-proto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/xcb-proto/build/xcb-proto b/patches/source/xcb-proto/build/xcb-proto new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/xcb-proto/build/xcb-proto @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/xcb-proto/configure/configure b/patches/source/xcb-proto/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/xcb-proto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/xcb-proto/modularize b/patches/source/xcb-proto/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/xcb-proto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/xcb-proto/noarch b/patches/source/xcb-proto/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/xcb-proto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/xcb-proto/package-blacklist b/patches/source/xcb-proto/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/xcb-proto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/xcb-proto/post-install/xcb-proto.post-install b/patches/source/xcb-proto/post-install/xcb-proto.post-install new file mode 100644 index 00000000..eb341027 --- /dev/null +++ b/patches/source/xcb-proto/post-install/xcb-proto.post-install @@ -0,0 +1,5 @@ +# Add documentation: +mkdir -p $PKG/usr/doc/xcb-proto-$MODULAR_PACKAGE_VERSION +cp -a \ + COPYING README \ + $PKG/usr/doc/xcb-proto-$MODULAR_PACKAGE_VERSION diff --git a/patches/source/xcb-proto/slack-desc/xcb-proto b/patches/source/xcb-proto/slack-desc/xcb-proto new file mode 100644 index 00000000..c66b7140 --- /dev/null +++ b/patches/source/xcb-proto/slack-desc/xcb-proto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xcb-proto: xcb-proto (X protocol C-language Binding protocol descriptions) +xcb-proto: +xcb-proto: xcb-proto provides the XML-XCB protocol descriptions that libxcb +xcb-proto: uses to generate the majority of its code and API. We provide them +xcb-proto: separately from libxcb to allow reuse by other projects, such as +xcb-proto: additional language bindings, protocol dissectors, or documentation +xcb-proto: generators. +xcb-proto: +xcb-proto: +xcb-proto: +xcb-proto: diff --git a/patches/source/xcb-proto/x11.SlackBuild b/patches/source/xcb-proto/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/xcb-proto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/xcb-proto/xcb-proto.SlackBuild b/patches/source/xcb-proto/xcb-proto.SlackBuild new file mode 100755 index 00000000..84fbe97b --- /dev/null +++ b/patches/source/xcb-proto/xcb-proto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild xcb xcb-proto +mv /tmp/x11-build/xcb-proto*txz /tmp diff --git a/patches/source/xextproto/arch.use.flags b/patches/source/xextproto/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/xextproto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/xextproto/build/xextproto b/patches/source/xextproto/build/xextproto new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/xextproto/build/xextproto @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/xextproto/configure/configure b/patches/source/xextproto/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/xextproto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/xextproto/modularize b/patches/source/xextproto/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/xextproto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/xextproto/noarch b/patches/source/xextproto/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/xextproto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/xextproto/package-blacklist b/patches/source/xextproto/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/xextproto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/xextproto/slack-desc/xextproto b/patches/source/xextproto/slack-desc/xextproto new file mode 100644 index 00000000..6ea870d0 --- /dev/null +++ b/patches/source/xextproto/slack-desc/xextproto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xextproto: xextproto (C prototypes for X Protocol Extensions) +xextproto: +xextproto: xextproto is part of X11. +xextproto: +xextproto: For more information about the X.Org Foundation (the providers of the +xextproto: X.Org implementation of the X Window System), see their website: +xextproto: +xextproto: http://www.x.org +xextproto: +xextproto: +xextproto: diff --git a/patches/source/xextproto/x11.SlackBuild b/patches/source/xextproto/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/xextproto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/xextproto/xextproto.SlackBuild b/patches/source/xextproto/xextproto.SlackBuild new file mode 100755 index 00000000..a61c5c38 --- /dev/null +++ b/patches/source/xextproto/xextproto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild proto xextproto +mv /tmp/x11-build/xextproto*txz /tmp diff --git a/patches/source/xorg-server/arch.use.flags b/patches/source/xorg-server/arch.use.flags new file mode 100644 index 00000000..f28a6cca --- /dev/null +++ b/patches/source/xorg-server/arch.use.flags @@ -0,0 +1,7 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/xorg-server/build/xorg-server b/patches/source/xorg-server/build/xorg-server new file mode 100644 index 00000000..e7b87ee3 --- /dev/null +++ b/patches/source/xorg-server/build/xorg-server @@ -0,0 +1 @@ +4_slack13.1 diff --git a/patches/source/xorg-server/configure/xorg-server b/patches/source/xorg-server/configure/xorg-server new file mode 100644 index 00000000..943797bf --- /dev/null +++ b/patches/source/xorg-server/configure/xorg-server @@ -0,0 +1,41 @@ +# Servers to build: +BUILD_SERVERS="--enable-xorg \ + --enable-xvfb \ + --enable-xnest \ + --enable-kdrive \ + --enable-xephyr \ + --enable-xsdl \ + --enable-xfbdev" + +MESA_VERSION=${MESA_VERSION:-7.5} # unused in 1.7.x + +# Default font paths to be used by the X server +DEF_FONTPATH="/usr/share/fonts/local,/usr/share/fonts/TTF,/usr/share/fonts/OTF,/usr/share/fonts/Type1,/usr/share/fonts/misc,/usr/share/fonts/CID,/usr/share/fonts/75dpi/:unscaled,/usr/share/fonts/100dpi/:unscaled,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/cyrillic" + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --disable-static \ + --with-pic \ + --with-int10=x86emu \ + --with-default-font-path="${DEF_FONTPATH}" \ + --with-module-dir=/usr/lib${LIBDIRSUFFIX}/xorg/modules \ + --with-dri-driver-path=/usr/lib${LIBDIRSUFFIX}/xorg/modules/dri \ + --with-os-name="Slackware 13.1" \ + --with-os-vendor="Slackware Linux Project" \ + --with-xkb-path=/etc/X11/xkb \ + --with-xkb-output=/var/lib/xkb \ + $BUILD_SERVERS \ + --build=$ARCH-slackware-linux + +if [ "$ARCH" = "x86_64" ]; then + # To prevent the error "No rule to make target `-ldl'" + sed -i -e 's#-ldl##' hw/xfree86/Makefile + sed -i -e 's#-lm#-lm -ldl#' hw/xfree86/Makefile +fi + diff --git a/patches/source/xorg-server/makepkg/xorg-server b/patches/source/xorg-server/makepkg/xorg-server new file mode 100644 index 00000000..67b93c97 --- /dev/null +++ b/patches/source/xorg-server/makepkg/xorg-server @@ -0,0 +1,35 @@ + +rm -r ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/usr/bin +mv $PKG/usr/bin/Xnest ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/usr/bin +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/usr/man/man1 +mv $PKG/usr/man/man1/Xnest.1.gz ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/usr/man/man1 +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/install +cat $CWD/slack-desc/xorg-server-xnest > ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/install/slack-desc +cd ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest +/sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/xorg-server-xnest-${MODULAR_PACKAGE_VERSION}-$ARCH-$BUILD.txz + +rm -r ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/usr/bin +mv $PKG/usr/bin/Xvfb ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/usr/bin +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/usr/man/man1 +mv $PKG/usr/man/man1/Xvfb.1.gz ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/usr/man/man1 +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/install +cat $CWD/slack-desc/xorg-server-xvfb > ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/install/slack-desc +cd ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb +/sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/xorg-server-xvfb-${MODULAR_PACKAGE_VERSION}-$ARCH-$BUILD.txz + +rm -r ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/usr/bin +mv $PKG/usr/bin/Xephyr ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/usr/bin +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/usr/man/man1 +mv $PKG/usr/man/man1/Xephyr.1.gz ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/usr/man/man1 +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/install +cat $CWD/slack-desc/xorg-server-xephyr > ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/install/slack-desc +cd ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr +/sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/xorg-server-xephyr-${MODULAR_PACKAGE_VERSION}-$ARCH-$BUILD.txz + +# Build the main xorg-server package: +cd $PKG +/sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/xorg-server-${MODULAR_PACKAGE_VERSION}-$ARCH-$BUILD.txz + diff --git a/patches/source/xorg-server/modularize b/patches/source/xorg-server/modularize new file mode 100644 index 00000000..d6eb2f68 --- /dev/null +++ b/patches/source/xorg-server/modularize @@ -0,0 +1,265 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/xorg-server/noarch b/patches/source/xorg-server/noarch new file mode 100644 index 00000000..480ffc26 --- /dev/null +++ b/patches/source/xorg-server/noarch @@ -0,0 +1,76 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-cf-files +xorg-docs +xproto +xtrans diff --git a/patches/source/xorg-server/package-blacklist b/patches/source/xorg-server/package-blacklist new file mode 100644 index 00000000..37762499 --- /dev/null +++ b/patches/source/xorg-server/package-blacklist @@ -0,0 +1,39 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/xorg-server/patch/xorg-server.patch b/patches/source/xorg-server/patch/xorg-server.patch new file mode 100644 index 00000000..5fd59a64 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server.patch @@ -0,0 +1,6 @@ +zcat $CWD/patch/xorg-server/x11.startwithblackscreen.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patch/xorg-server/xorg-server.fb.fbpict.c.mod.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patch/xorg-server/xorg-server.CVE-2010-2240.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patch/xorg-server/xorg-server.CVE-2013-4396.diff.gz | patch -p1 -l --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xorg-server/xorg-server.CVE-2017-10971.diff.gz | patch -p1 -l --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xorg-server/xorg-server.CVE-2017-10972.diff.gz | patch -p1 -l --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff b/patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff new file mode 100644 index 00000000..bfa9c305 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff @@ -0,0 +1,13 @@ +--- ./dix/window.c.orig 2007-01-22 23:39:15.000000000 -0600 ++++ ./dix/window.c 2007-02-14 03:21:03.000000000 -0600 +@@ -140,8 +140,8 @@ + * + ******/ + +-static unsigned char _back_lsb[4] = {0x88, 0x22, 0x44, 0x11}; +-static unsigned char _back_msb[4] = {0x11, 0x44, 0x22, 0x88}; ++static unsigned char _back_lsb[4] = {0x00, 0x00, 0x00, 0x00}; ++static unsigned char _back_msb[4] = {0x00, 0x00, 0x00, 0x00}; + + _X_EXPORT int screenIsSaved = SCREEN_SAVER_OFF; + diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2010-2240.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2010-2240.diff new file mode 100644 index 00000000..0001df45 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2010-2240.diff @@ -0,0 +1,130 @@ +--- ./os/osinit.c.orig 2010-04-20 21:00:27.000000000 -0500 ++++ ./os/osinit.c 2010-08-20 12:25:00.116604519 -0500 +@@ -96,6 +96,14 @@ + #ifdef RLIMIT_NOFILE + int limitNoFile = -1; + #endif ++#ifdef RLIMIT_AS ++#ifdef _XSERVER64 ++#define XORG_AS_LIMIT 10737418240LL ++#else ++#define XORG_AS_LIMIT 1610612736 ++#endif ++long limitAddressSpace = XORG_AS_LIMIT; ++#endif + + static OsSigWrapperPtr OsSigWrapper = NULL; + +@@ -302,6 +310,22 @@ + } + } + #endif ++#ifdef RLIMIT_AS ++ if (limitAddressSpace >= 0) ++ { ++ struct rlimit rlim; ++ ++ if (!getrlimit(RLIMIT_AS, &rlim)) ++ { ++ if ((limitAddressSpace > 0) ++ && (limitAddressSpace < rlim.rlim_max)) ++ rlim.rlim_cur = limitAddressSpace; ++ else ++ rlim.rlim_cur = rlim.rlim_max; ++ (void)setrlimit(RLIMIT_AS, &rlim); ++ } ++ } ++#endif + LockServer(); + been_here = TRUE; + } +--- ./os/utils.c.orig 2010-05-03 19:48:00.000000000 -0500 ++++ ./os/utils.c 2010-08-20 12:26:06.448480889 -0500 +@@ -63,6 +63,36 @@ + __stdcall unsigned long GetTickCount(void); + #endif + ++/* ++ * issetugid() ++ * ++ * Copyright (C) - 2007 Robert Connolly ++ * ++ * Permission to reproduce, copy, delete, distribute, transmit, use, modify, ++ * build upon or otherwise exploit this software, in any form, for any ++ * purpose, in any way, and by anyone, including by methods that have not ++ * yet been invented or conceived, is hereby granted. ++ */ ++#include ++extern int __libc_enable_secure; ++int issetugid(void) ++{ ++ if (__libc_enable_secure) ++ { ++ return 1; ++ } ++ if (getuid() != geteuid()) ++ { ++ return 1; ++ } ++ if (getgid() != getegid()) ++ { ++ return 1; ++ } ++ /* Else */ ++ return 0; ++} ++ + #if defined(WIN32) && !defined(__CYGWIN__) + #include + #endif +@@ -758,6 +788,22 @@ + UseMsg(); + } + #endif ++#ifdef RLIMIT_AS ++ else if ( strcmp( argv[i], "-la") == 0) ++ { ++ if (getuid() != 0 && issetugid()) { ++ FatalError("The '-la' option can only be used by root.\n"); ++ } ++ if(++i < argc) ++ { ++ limitAddressSpace = atol(argv[i]); ++ if (limitAddressSpace > 0) ++ limitAddressSpace *= 1024; ++ } ++ else ++ UseMsg(); ++ } ++#endif + #ifdef SERVER_LOCK + else if ( strcmp ( argv[i], "-nolock") == 0) + { +--- ./doc/Xserver.man.pre.orig 2010-05-03 19:47:58.000000000 -0500 ++++ ./doc/Xserver.man.pre 2010-08-20 12:25:00.116604519 -0500 +@@ -293,6 +293,13 @@ + A value of zero makes the stack size as large as possible. The default value + of \-1 leaves the stack space limit unchanged. + .TP 8 ++.B \-la \fIkilobytes\fP ++sets the address space limit of the server to the specified number of ++kilobytes. ++A value of zero makes address space as large as possible. ++The default value is 1572864 (1.5GB) on 32 bit architectures and ++10485760 (10GB) on 64 bit architectures. ++.TP 8 + .B \-logo + turns on the X Window System logo display in the screen-saver. + There is currently no way to change this from a client. +--- ./include/opaque.h.orig 2010-04-20 21:00:27.000000000 -0500 ++++ ./include/opaque.h 2010-08-20 12:25:00.116604519 -0500 +@@ -67,6 +67,9 @@ + #ifdef RLIMIT_NOFILE + extern _X_EXPORT int limitNoFile; + #endif ++#ifdef RLIMIT_AS ++extern _X_EXPORT int limitAddressSpace; ++#endif + extern _X_EXPORT Bool defeatAccessControl; + extern _X_EXPORT long maxBigRequestSize; + extern _X_EXPORT Bool party_like_its_1989; diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2013-4396.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2013-4396.diff new file mode 100644 index 00000000..dc4d0a25 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2013-4396.diff @@ -0,0 +1,42 @@ +--- ./dix/dixfonts.c.orig 2010-05-03 19:47:57.000000000 -0500 ++++ ./dix/dixfonts.c 2013-10-09 21:45:40.215770648 -0500 +@@ -1508,6 +1508,7 @@ + GC *pGC; + unsigned char *data; + ITclosurePtr new_closure; ++ ITclosurePtr old_closure; + + /* We're putting the client to sleep. We need to + save some state. Similar problem to that handled +@@ -1520,6 +1521,7 @@ + err = BadAlloc; + goto bail; + } ++ old_closure = c; + *new_closure = *c; + c = new_closure; + +@@ -1527,6 +1529,7 @@ + if (!data) + { + xfree(c); ++ c = old_closure; + err = BadAlloc; + goto bail; + } +@@ -1538,6 +1541,7 @@ + { + xfree(c->data); + xfree(c); ++ c = old_closure; + err = BadAlloc; + goto bail; + } +@@ -1551,6 +1555,7 @@ + FreeScratchGC(pGC); + xfree(c->data); + xfree(c); ++ c = old_closure; + err = BadAlloc; + goto bail; + } diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10971.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10971.diff new file mode 100644 index 00000000..25f09ee1 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10971.diff @@ -0,0 +1,21 @@ +--- ./Xi/sendexev.c.orig 2010-04-30 04:26:35.000000000 -0500 ++++ ./Xi/sendexev.c 2017-08-15 14:58:25.709950954 -0500 +@@ -95,9 +95,17 @@ + + eventP = (xEvent *) & stuff[1]; + for (i = 0; i < stuff->num_events; i++, eventP++) { ++ if (eventP->u.u.type == GenericEvent) { ++ client->errorValue = eventP->u.u.type; ++ return BadValue; ++ } ++ + proc = EventSwapVector[eventP->u.u.type & 0177]; +- if (proc == NotImplemented) /* no swapping proc; invalid event type? */ ++ /* no swapping proc; invalid event type? */ ++ if (proc == NotImplemented) { ++ client->errorValue = eventP->u.u.type; + return (BadValue); ++ } + (*proc) (eventP, &eventT); + *eventP = eventT; + } diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10972.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10972.diff new file mode 100644 index 00000000..edddc8d6 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10972.diff @@ -0,0 +1,36 @@ +From 05442de962d3dc624f79fc1a00eca3ffc5489ced Mon Sep 17 00:00:00 2001 +From: Michal Srb +Date: Wed, 24 May 2017 15:54:39 +0300 +Subject: Xi: Zero target buffer in SProcXSendExtensionEvent. + +Make sure that the xEvent eventT is initialized with zeros, the same way as +in SProcSendEvent. + +Some event swapping functions do not overwrite all 32 bytes of xEvent +structure, for example XSecurityAuthorizationRevoked. Two cooperating +clients, one swapped and the other not, can send +XSecurityAuthorizationRevoked event to each other to retrieve old stack data +from X server. This can be potentialy misused to go around ASLR or +stack-protector. + +Signed-off-by: Michal Srb +Reviewed-by: Peter Hutterer +Signed-off-by: Peter Hutterer + +diff --git a/Xi/sendexev.c b/Xi/sendexev.c +index 11d8202..1cf118a 100644 +--- a/Xi/sendexev.c ++++ b/Xi/sendexev.c +@@ -78,7 +78,7 @@ SProcXSendExtensionEvent(ClientPtr client) + { + CARD32 *p; + int i; +- xEvent eventT; ++ xEvent eventT = { .u.u.type = 0 }; + xEvent *eventP; + EventSwapPtr proc; + +-- +cgit v0.10.2 + + diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.fb.fbpict.c.mod.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.fb.fbpict.c.mod.diff new file mode 100644 index 00000000..f8abdccb --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.fb.fbpict.c.mod.diff @@ -0,0 +1,11 @@ +--- ./fb/fbpict.c.orig 2010-03-11 22:38:21.000000000 -0600 ++++ ./fb/fbpict.c 2010-04-29 14:14:52.000000000 -0500 +@@ -37,7 +37,7 @@ + #include "mipict.h" + #include "fbpict.h" + +-#define mod(a,b) ((b) == 1 ? 0 : (a) >= 0 ? (a) % (b) : (b) - (-a) % (b)) ++#define mod(a,b) ((b) == 1 ? 0 : (a) >= 0 ? (a) % (b) : (b) - (-(a)) % (b)) + + void + fbWalkCompositeRegion (CARD8 op, diff --git a/patches/source/xorg-server/post-install/xorg-server.post-install b/patches/source/xorg-server/post-install/xorg-server.post-install new file mode 100644 index 00000000..0185cb70 --- /dev/null +++ b/patches/source/xorg-server/post-install/xorg-server.post-install @@ -0,0 +1,17 @@ +# Add COPYING file: +mkdir -p $PKG/usr/doc/xorg-server-$MODULAR_PACKAGE_VERSION +cp -a COPYING $PKG/usr/doc/xorg-server-$MODULAR_PACKAGE_VERSION + +# Don't mess with my /var/log/ permissions: +rmdir $PKG/var/log +rmdir $PKG/var + +# While I hate to have X11 take over another generic-sounding +# piece of prime filesystem real estate, this symlink will +# direct (for now) proprietary X drivers into the corrent +# location: + +( cd $PKG/usr/lib + rm -rf modules + ln -sf xorg/modules . +) diff --git a/patches/source/xorg-server/slack-desc/xorg-server b/patches/source/xorg-server/slack-desc/xorg-server new file mode 100644 index 00000000..9d25b405 --- /dev/null +++ b/patches/source/xorg-server/slack-desc/xorg-server @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xorg-server: xorg-server (The Xorg server, the core of the X Window System) +xorg-server: +xorg-server: Xorg is a full featured X server that was originally designed for UNIX +xorg-server: and UNIX-like operating systems running on Intel x86 hardware. It now +xorg-server: runs on a wider range of hardware and OS platforms. This work was +xorg-server: derived by the X.Org Foundation from the XFree86 Project's XFree86 +xorg-server: 4.4rc2 release. The XFree86 release was originally derived from X386 +xorg-server: 1.2 by Thomas Roell which was contributed to X11R5 by Snitily Graphics +xorg-server: Consulting Service. +xorg-server: +xorg-server: The home page for the X project is: http://www.x.org diff --git a/patches/source/xorg-server/slack-desc/xorg-server-xephyr b/patches/source/xorg-server/slack-desc/xorg-server-xephyr new file mode 100644 index 00000000..640f3d18 --- /dev/null +++ b/patches/source/xorg-server/slack-desc/xorg-server-xephyr @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xorg-server-xephyr: xorg-server-xephyr (Improved nested X server/client) +xorg-server-xephyr: +xorg-server-xephyr: Xephyr is a nested X-Client like Xnest, but with some additional +xorg-server-xephyr: features like XRender support. +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: diff --git a/patches/source/xorg-server/slack-desc/xorg-server-xnest b/patches/source/xorg-server/slack-desc/xorg-server-xnest new file mode 100644 index 00000000..393f93bd --- /dev/null +++ b/patches/source/xorg-server/slack-desc/xorg-server-xnest @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xorg-server-xnest: xorg-server-xnest (a nested X server) +xorg-server-xnest: +xorg-server-xnest: Xnest is an experimental nested server for X that acts as both a +xorg-server-xnest: client and a server. Xnest is a client of the real server which +xorg-server-xnest: manages windows and graphics requests on its behalf. Xnest is a +xorg-server-xnest: server to its own clients. Xnest manages windows and graphics +xorg-server-xnest: requests on their behalf. To these clients Xnest appears to be a +xorg-server-xnest: conventional server. +xorg-server-xnest: +xorg-server-xnest: +xorg-server-xnest: diff --git a/patches/source/xorg-server/slack-desc/xorg-server-xvfb b/patches/source/xorg-server/slack-desc/xorg-server-xvfb new file mode 100644 index 00000000..aff9c642 --- /dev/null +++ b/patches/source/xorg-server/slack-desc/xorg-server-xvfb @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xorg-server-xvfb: xorg-server-xvfb (virtual framebuffer X server) +xorg-server-xvfb: +xorg-server-xvfb: Xvfb is an X server that can run on machines with no display hardware +xorg-server-xvfb: and no physical input devices. It emulates a dumb framebuffer using +xorg-server-xvfb: virtual memory. The primary use of this server is intended to be +xorg-server-xvfb: server testing. The mfb or cfb code for any depth can be exercised +xorg-server-xvfb: with this server without the need for real hardware that supports the +xorg-server-xvfb: desired depths. A secondary use is testing clients against unusual +xorg-server-xvfb: depths and screen configurations. +xorg-server-xvfb: +xorg-server-xvfb: diff --git a/patches/source/xorg-server/x11.SlackBuild b/patches/source/xorg-server/x11.SlackBuild new file mode 100755 index 00000000..ca729708 --- /dev/null +++ b/patches/source/xorg-server/x11.SlackBuild @@ -0,0 +1,364 @@ +#!/bin/sh +# Copyright 2007-2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc driver font xserver ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/xorg-server/xorg-server.SlackBuild b/patches/source/xorg-server/xorg-server.SlackBuild new file mode 100755 index 00000000..688448ec --- /dev/null +++ b/patches/source/xorg-server/xorg-server.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild xserver xorg-server +mv /tmp/x11-build/*txz /tmp diff --git a/patches/source/xpdf/doinst.sh b/patches/source/xpdf/doinst.sh new file mode 100644 index 00000000..03a6ae85 --- /dev/null +++ b/patches/source/xpdf/doinst.sh @@ -0,0 +1,19 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/xpdfrc.new + +if [ -x /usr/bin/update-desktop-database ]; then + /usr/bin/update-desktop-database -q usr/share/applications >/dev/null 2>&1 +fi + diff --git a/patches/source/xpdf/lang/xpdf-arabic.diff b/patches/source/xpdf/lang/xpdf-arabic.diff new file mode 100644 index 00000000..006e836a --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-arabic.diff @@ -0,0 +1,7 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.102417270 -0500 +@@ -1,3 +1,3 @@ + #----- begin Arabic support package (2011-aug-15) +-unicodeMap ISO-8859-6 /usr/local/share/xpdf/arabic/ISO-8859-6.unicodeMap ++unicodeMap ISO-8859-6 /usr/share/xpdf/arabic/ISO-8859-6.unicodeMap + #----- end Arabic support package diff --git a/patches/source/xpdf/lang/xpdf-chinese-simplified.diff b/patches/source/xpdf/lang/xpdf-chinese-simplified.diff new file mode 100644 index 00000000..bec5e25b --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-chinese-simplified.diff @@ -0,0 +1,19 @@ +--- ./add-to-xpdfrc.orig 2011-09-02 17:24:44.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:45:42.020412765 -0500 +@@ -1,9 +1,9 @@ + #----- begin Chinese Simplified support package (2011-sep-02) +-cidToUnicode Adobe-GB1 /usr/local/share/xpdf/chinese-simplified/Adobe-GB1.cidToUnicode +-unicodeMap ISO-2022-CN /usr/local/share/xpdf/chinese-simplified/ISO-2022-CN.unicodeMap +-unicodeMap EUC-CN /usr/local/share/xpdf/chinese-simplified/EUC-CN.unicodeMap +-unicodeMap GBK /usr/local/share/xpdf/chinese-simplified/GBK.unicodeMap +-cMapDir Adobe-GB1 /usr/local/share/xpdf/chinese-simplified/CMap +-toUnicodeDir /usr/local/share/xpdf/chinese-simplified/CMap +-#fontFileCC Adobe-GB1 /usr/..../gkai00mp.ttf ++cidToUnicode Adobe-GB1 /usr/share/xpdf/chinese-simplified/Adobe-GB1.cidToUnicode ++unicodeMap ISO-2022-CN /usr/share/xpdf/chinese-simplified/ISO-2022-CN.unicodeMap ++unicodeMap EUC-CN /usr/share/xpdf/chinese-simplified/EUC-CN.unicodeMap ++unicodeMap GBK /usr/share/xpdf/chinese-simplified/GBK.unicodeMap ++cMapDir Adobe-GB1 /usr/share/xpdf/chinese-simplified/CMap ++toUnicodeDir /usr/share/xpdf/chinese-simplified/CMap ++fontFileCC Adobe-GB1 /usr/share/fonts/TTF/wqy-zenhei.ttc + #----- end Chinese Simplified support package diff --git a/patches/source/xpdf/lang/xpdf-chinese-traditional.diff b/patches/source/xpdf/lang/xpdf-chinese-traditional.diff new file mode 100644 index 00000000..24857f46 --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-chinese-traditional.diff @@ -0,0 +1,17 @@ +--- ./add-to-xpdfrc.orig 2011-09-02 17:24:44.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:46:03.285412085 -0500 +@@ -1,8 +1,8 @@ + #----- begin Chinese Traditional support package (2011-sep-02) +-cidToUnicode Adobe-CNS1 /usr/local/share/xpdf/chinese-traditional/Adobe-CNS1.cidToUnicode +-unicodeMap Big5 /usr/local/share/xpdf/chinese-traditional/Big5.unicodeMap +-unicodeMap Big5ascii /usr/local/share/xpdf/chinese-traditional/Big5ascii.unicodeMap +-cMapDir Adobe-CNS1 /usr/local/share/xpdf/chinese-traditional/CMap +-toUnicodeDir /usr/local/share/xpdf/chinese-traditional/CMap +-#fontFileCC Adobe-CNS1 /usr/..../bkai00mp.ttf ++cidToUnicode Adobe-CNS1 /usr/share/xpdf/chinese-traditional/Adobe-CNS1.cidToUnicode ++unicodeMap Big5 /usr/share/xpdf/chinese-traditional/Big5.unicodeMap ++unicodeMap Big5ascii /usr/share/xpdf/chinese-traditional/Big5ascii.unicodeMap ++cMapDir Adobe-CNS1 /usr/share/xpdf/chinese-traditional/CMap ++toUnicodeDir /usr/share/xpdf/chinese-traditional/CMap ++fontFileCC Adobe-CNS1 /usr/share/fonts/TTF/wqy-zenhei.ttc + #----- end Chinese Traditional support package diff --git a/patches/source/xpdf/lang/xpdf-cyrillic.diff b/patches/source/xpdf/lang/xpdf-cyrillic.diff new file mode 100644 index 00000000..c453271a --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-cyrillic.diff @@ -0,0 +1,9 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.115417270 -0500 +@@ -1,4 +1,4 @@ + #----- begin Cyrillic support package (2011-aug-15) +-nameToUnicode /usr/local/share/xpdf/cyrillic/Bulgarian.nameToUnicode +-unicodeMap KOI8-R /usr/local/share/xpdf/cyrillic/KOI8-R.unicodeMap ++nameToUnicode /usr/share/xpdf/cyrillic/Bulgarian.nameToUnicode ++unicodeMap KOI8-R /usr/share/xpdf/cyrillic/KOI8-R.unicodeMap + #----- end Cyrillic support package diff --git a/patches/source/xpdf/lang/xpdf-greek.diff b/patches/source/xpdf/lang/xpdf-greek.diff new file mode 100644 index 00000000..2e846160 --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-greek.diff @@ -0,0 +1,9 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.116417270 -0500 +@@ -1,4 +1,4 @@ + #----- begin Greek support package (2011-aug-15) +-nameToUnicode /usr/local/share/xpdf/greek/Greek.nameToUnicode +-unicodeMap ISO-8859-7 /usr/local/share/xpdf/greek/ISO-8859-7.unicodeMap ++nameToUnicode /usr/share/xpdf/greek/Greek.nameToUnicode ++unicodeMap ISO-8859-7 /usr/share/xpdf/greek/ISO-8859-7.unicodeMap + #----- end Greek support package diff --git a/patches/source/xpdf/lang/xpdf-hebrew.diff b/patches/source/xpdf/lang/xpdf-hebrew.diff new file mode 100644 index 00000000..2c27bb6f --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-hebrew.diff @@ -0,0 +1,9 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.117417269 -0500 +@@ -1,4 +1,4 @@ + #----- begin Hebrew support package (2011-aug-15) +-unicodeMap ISO-8859-8 /usr/local/share/xpdf/hebrew/ISO-8859-8.unicodeMap +-unicodeMap Windows-1255 /usr/local/share/xpdf/hebrew/Windows-1255.unicodeMap ++unicodeMap ISO-8859-8 /usr/share/xpdf/hebrew/ISO-8859-8.unicodeMap ++unicodeMap Windows-1255 /usr/share/xpdf/hebrew/Windows-1255.unicodeMap + #----- end Hebrew support package diff --git a/patches/source/xpdf/lang/xpdf-japanese.diff b/patches/source/xpdf/lang/xpdf-japanese.diff new file mode 100644 index 00000000..ff0c6e98 --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-japanese.diff @@ -0,0 +1,55 @@ +--- ./add-to-xpdfrc.orig 2013-03-29 14:49:00.000000000 +0900 ++++ ./add-to-xpdfrc 2013-03-29 15:00:17.000000000 +0900 +@@ -1,9 +1,45 @@ + #----- begin Japanese support package (2011-sep-02) +-cidToUnicode Adobe-Japan1 /usr/local/share/xpdf/japanese/Adobe-Japan1.cidToUnicode +-unicodeMap ISO-2022-JP /usr/local/share/xpdf/japanese/ISO-2022-JP.unicodeMap +-unicodeMap EUC-JP /usr/local/share/xpdf/japanese/EUC-JP.unicodeMap +-unicodeMap Shift-JIS /usr/local/share/xpdf/japanese/Shift-JIS.unicodeMap +-cMapDir Adobe-Japan1 /usr/local/share/xpdf/japanese/CMap +-toUnicodeDir /usr/local/share/xpdf/japanese/CMap +-#fontFileCC Adobe-Japan1 /usr/..../kochi-mincho.ttf ++cidToUnicode Adobe-Japan1 /usr/share/xpdf/japanese/Adobe-Japan1.cidToUnicode ++unicodeMap ISO-2022-JP /usr/share/xpdf/japanese/ISO-2022-JP.unicodeMap ++unicodeMap EUC-JP /usr/share/xpdf/japanese/EUC-JP.unicodeMap ++unicodeMap Shift-JIS /usr/share/xpdf/japanese/Shift-JIS.unicodeMap ++cMapDir Adobe-Japan1 /usr/share/xpdf/japanese/CMap ++toUnicodeDir /usr/share/xpdf/japanese/CMap ++### use Sazanami by default ++fontFileCC Adobe-Japan1 /usr/share/fonts/TTF/sazanami-mincho.ttf ++### use Sazanami (Sazanami Gothic) if gothic font is required ++fontFileCC ShinGo-Bold /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC ShinGo-regular /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC MidashiGo-MB31 /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC FutoGoB101-Bold /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC HeiseiKakuGo-W5 /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC HeiseiKakuGo-W9 /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC HeiseiMaruGo-W4 /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC MS-Gothic /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC HG-GothicB /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC Kochi-Gothic /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC GothicBBB-Medium-H /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC GothicBBB-Medium /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC Ryumin-Light-H /usr/share/fonts/TTF/sazanami-mincho.ttf ++fontFileCC Ryumin-Light /usr/share/fonts/TTF/sazanami-mincho.ttf ++### make default font name to "Ryumin-Light" when converted to PostScript ++psResidentFontCC Adobe-Japan1 H Ryumin-Light-H ISO-2022-JP ++psResidentFontCC Adobe-Japan1 V Ryumin-Light-V ISO-2022-JP ++# use "Gothic-BBB-Medium" if gothic font is required ++psResidentFont16 MidashiGo-MB31 H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 MidashiGo-MB31 V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 FutoGoB101-Bold H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 FutoGoB101-Bold V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 HeiseiKakuGo-W5 H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 HeiseiKakuGo-W5 V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 HeiseiKakuGo-W9 H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 HeiseiKakuGo-W9 V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 HeiseiMaruGo-W4 H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 HeiseiMaruGo-W4 V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 MS-Gothic H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 MS-Gothic V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 HG-GothicB H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 HG-GothicB V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 Kochi-Gothic H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 Kochi-Gothic V GothicBBB-Medium-V ISO-2022-JP + #----- end Japanese support package diff --git a/patches/source/xpdf/lang/xpdf-korean.diff b/patches/source/xpdf/lang/xpdf-korean.diff new file mode 100644 index 00000000..531ad629 --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-korean.diff @@ -0,0 +1,15 @@ +--- ./add-to-xpdfrc.orig 2011-09-02 17:24:45.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.119417269 -0500 +@@ -1,8 +1,8 @@ + #----- begin Korean support package (2011-sep-02) +-cidToUnicode Adobe-Korea1 /usr/local/share/xpdf/korean/Adobe-Korea1.cidToUnicode +-unicodeMap ISO-2022-KR /usr/local/share/xpdf/korean/ISO-2022-KR.unicodeMap +-cMapDir Adobe-Korea1 /usr/local/share/xpdf/korean/CMap +-toUnicodeDir /usr/local/share/xpdf/korean/CMap ++cidToUnicode Adobe-Korea1 /usr/share/xpdf/korean/Adobe-Korea1.cidToUnicode ++unicodeMap ISO-2022-KR /usr/share/xpdf/korean/ISO-2022-KR.unicodeMap ++cMapDir Adobe-Korea1 /usr/share/xpdf/korean/CMap ++toUnicodeDir /usr/share/xpdf/korean/CMap + #fontFileCC Adobe-Korea1 /usr/..../batang.ttf" + #fontFileCC Unidocs-Korea1 /usr/..../batang.ttf" + #----- end Korean support package diff --git a/patches/source/xpdf/lang/xpdf-latin2.diff b/patches/source/xpdf/lang/xpdf-latin2.diff new file mode 100644 index 00000000..cf88fa02 --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-latin2.diff @@ -0,0 +1,7 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.120417269 -0500 +@@ -1,3 +1,3 @@ + #----- begin Latin2 support package (2011-aug-15) +-unicodeMap Latin2 /usr/local/share/xpdf/latin2/Latin2.unicodeMap ++unicodeMap Latin2 /usr/share/xpdf/latin2/Latin2.unicodeMap + #----- end Latin2 support package diff --git a/patches/source/xpdf/lang/xpdf-thai.diff b/patches/source/xpdf/lang/xpdf-thai.diff new file mode 100644 index 00000000..30c480ef --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-thai.diff @@ -0,0 +1,9 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.121417269 -0500 +@@ -1,4 +1,4 @@ + #----- begin Thai support package (2011-aug-15) +-nameToUnicode /usr/local/share/xpdf/thai/Thai.nameToUnicode +-unicodeMap TIS-620 /usr/local/share/xpdf/thai/TIS-620.unicodeMap ++nameToUnicode /usr/share/xpdf/thai/Thai.nameToUnicode ++unicodeMap TIS-620 /usr/share/xpdf/thai/TIS-620.unicodeMap + #----- end Thai support package diff --git a/patches/source/xpdf/lang/xpdf-turkish.diff b/patches/source/xpdf/lang/xpdf-turkish.diff new file mode 100644 index 00000000..81a79cff --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-turkish.diff @@ -0,0 +1,7 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.122417269 -0500 +@@ -1,3 +1,3 @@ + #----- begin Turkish support package (2011-aug-15) +-unicodeMap ISO-8859-9 /usr/local/share/xpdf/turkish/ISO-8859-9.unicodeMap ++unicodeMap ISO-8859-9 /usr/share/xpdf/turkish/ISO-8859-9.unicodeMap + #----- end Turkish support package diff --git a/patches/source/xpdf/patches/xpdf-3.03-CVE-2012-2142.diff b/patches/source/xpdf/patches/xpdf-3.03-CVE-2012-2142.diff new file mode 100644 index 00000000..891c41fd --- /dev/null +++ b/patches/source/xpdf/patches/xpdf-3.03-CVE-2012-2142.diff @@ -0,0 +1,55 @@ +From 3945969e0072217c143fefa3044512a31ac2afa8 Mon Sep 17 00:00:00 2001 +From: mancha +Date: Sun, 11 Aug 2013 +Subject: CVE-2012-2142 + +Filter stuff that might end up in the shell to address CVE-2012-2142. +This code was adapted from the Poppler project. +--- + Error.cc | 21 ++++++++++++++++----- + 1 file changed, 16 insertions(+), 5 deletions(-) + +--- a/xpdf/Error.cc 2013-08-11 ++++ b/xpdf/Error.cc 2013-08-11 +@@ -43,7 +43,7 @@ void setErrorCallback(void (*cbk)(void * + + void CDECL error(ErrorCategory category, int pos, const char *msg, ...) { + va_list args; +- GString *s; ++ GString *s, *sanitized; + + // NB: this can be called before the globalParams object is created + if (!errorCbk && globalParams && globalParams->getErrQuiet()) { +@@ -52,17 +52,28 @@ void CDECL error(ErrorCategory category, + va_start(args, msg); + s = GString::formatv(msg, args); + va_end(args); ++ ++ sanitized = new GString (); ++ for (int i = 0; i < s->getLength(); ++i) { ++ const char c = s->getChar(i); ++ if (c < (char)0x20 || c >= (char)0x7f) { ++ sanitized->appendf("<{0:02x}>", c & 0xff); ++ } else { ++ sanitized->append(c); ++ } ++ } ++ + if (errorCbk) { +- (*errorCbk)(errorCbkData, category, pos, s->getCString()); ++ (*errorCbk)(errorCbkData, category, pos, sanitized->getCString()); + } else { + if (pos >= 0) { + fprintf(stderr, "%s (%d): %s\n", +- errorCategoryNames[category], pos, s->getCString()); ++ errorCategoryNames[category], pos, sanitized->getCString()); + } else { + fprintf(stderr, "%s: %s\n", +- errorCategoryNames[category], s->getCString()); ++ errorCategoryNames[category], sanitized->getCString()); + } + fflush(stderr); + } +- delete s; ++ delete sanitized; + } diff --git a/patches/source/xpdf/patches/xpdf.XPDFViewer.diff b/patches/source/xpdf/patches/xpdf.XPDFViewer.diff new file mode 100644 index 00000000..0aa4455d --- /dev/null +++ b/patches/source/xpdf/patches/xpdf.XPDFViewer.diff @@ -0,0 +1,11 @@ +--- ./xpdf/XPDFViewer.cc.orig 2011-08-15 16:08:53.000000000 -0500 ++++ ./xpdf/XPDFViewer.cc 2013-03-28 15:35:31.589432279 -0500 +@@ -1803,7 +1803,7 @@ + menuPane = XmCreatePulldownMenu(toolBar, "zoomMenuPane", args, n); + for (i = 0; i < nZoomMenuItems; ++i) { + n = 0; +- s = XmStringCreateLocalized(zoomMenuInfo[i].label); ++ s = XmStringCreateLocalized((char *)zoomMenuInfo[i].label); + XtSetArg(args[n], XmNlabelString, s); ++n; + XtSetArg(args[n], XmNuserData, (XtPointer)i); ++n; + sprintf(buf, "zoom%d", i); diff --git a/patches/source/xpdf/patches/xpdfrc.diff b/patches/source/xpdf/patches/xpdfrc.diff new file mode 100644 index 00000000..c136f997 --- /dev/null +++ b/patches/source/xpdf/patches/xpdfrc.diff @@ -0,0 +1,43 @@ +--- ./doc/sample-xpdfrc.orig 2013-03-28 15:29:16.957444255 -0500 ++++ ./doc/sample-xpdfrc 2013-03-28 15:32:11.413438678 -0500 +@@ -29,20 +29,20 @@ + # installed in a "standard" location, xpdf will find them + # automatically.) + +-#fontFile Times-Roman /usr/local/share/ghostscript/fonts/n021003l.pfb +-#fontFile Times-Italic /usr/local/share/ghostscript/fonts/n021023l.pfb +-#fontFile Times-Bold /usr/local/share/ghostscript/fonts/n021004l.pfb +-#fontFile Times-BoldItalic /usr/local/share/ghostscript/fonts/n021024l.pfb +-#fontFile Helvetica /usr/local/share/ghostscript/fonts/n019003l.pfb +-#fontFile Helvetica-Oblique /usr/local/share/ghostscript/fonts/n019023l.pfb +-#fontFile Helvetica-Bold /usr/local/share/ghostscript/fonts/n019004l.pfb +-#fontFile Helvetica-BoldOblique /usr/local/share/ghostscript/fonts/n019024l.pfb +-#fontFile Courier /usr/local/share/ghostscript/fonts/n022003l.pfb +-#fontFile Courier-Oblique /usr/local/share/ghostscript/fonts/n022023l.pfb +-#fontFile Courier-Bold /usr/local/share/ghostscript/fonts/n022004l.pfb +-#fontFile Courier-BoldOblique /usr/local/share/ghostscript/fonts/n022024l.pfb +-#fontFile Symbol /usr/local/share/ghostscript/fonts/s050000l.pfb +-#fontFile ZapfDingbats /usr/local/share/ghostscript/fonts/d050000l.pfb ++fontFile Times-Roman /usr/share/ghostscript/fonts/n021003l.pfb ++fontFile Times-Italic /usr/share/ghostscript/fonts/n021023l.pfb ++fontFile Times-Bold /usr/share/ghostscript/fonts/n021004l.pfb ++fontFile Times-BoldItalic /usr/share/ghostscript/fonts/n021024l.pfb ++fontFile Helvetica /usr/share/ghostscript/fonts/n019003l.pfb ++fontFile Helvetica-Oblique /usr/share/ghostscript/fonts/n019023l.pfb ++fontFile Helvetica-Bold /usr/share/ghostscript/fonts/n019004l.pfb ++fontFile Helvetica-BoldOblique /usr/share/ghostscript/fonts/n019024l.pfb ++fontFile Courier /usr/share/ghostscript/fonts/n022003l.pfb ++fontFile Courier-Oblique /usr/share/ghostscript/fonts/n022023l.pfb ++fontFile Courier-Bold /usr/share/ghostscript/fonts/n022004l.pfb ++fontFile Courier-BoldOblique /usr/share/ghostscript/fonts/n022024l.pfb ++fontFile Symbol /usr/share/ghostscript/fonts/s050000l.pfb ++fontFile ZapfDingbats /usr/share/ghostscript/fonts/d050000l.pfb + + # If you need to display PDF files that refer to non-embedded fonts, + # you should add one or more fontDir options to point to the +@@ -89,4 +89,4 @@ + # clicked. + + #launchCommand viewer-script +-#urlCommand "netscape -remote 'openURL(%s)'" ++#urlCommand "firefox -remote 'openURL(%s)'" diff --git a/patches/source/xpdf/slack-desc b/patches/source/xpdf/slack-desc new file mode 100644 index 00000000..58072776 --- /dev/null +++ b/patches/source/xpdf/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xpdf: xpdf (PDF viewer for X) +xpdf: +xpdf: Xpdf is a viewer for Portable Document Format (PDF) files. +xpdf: +xpdf: xpdf was written by Derek B. Noonburg. +xpdf: +xpdf: +xpdf: +xpdf: +xpdf: +xpdf: diff --git a/patches/source/xpdf/xpdf.SlackBuild b/patches/source/xpdf/xpdf.SlackBuild new file mode 100755 index 00000000..b4493f62 --- /dev/null +++ b/patches/source/xpdf/xpdf.SlackBuild @@ -0,0 +1,151 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=3.03 +PATCHLEVEL= +BUILD=${BUILD:-1_slack13.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-xpdf + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf xpdf-$VERSION +tar xvf $CWD/xpdf-$VERSION.tar.?z || exit 1 +cd xpdf-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/patches/xpdfrc.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/xpdf.XPDFViewer.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/xpdf-3.03-CVE-2012-2142.diff.gz | patch -p1 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --sysconfdir=/etc \ + --with-freetype2-includes=/usr/include/freetype2 \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +chmod 0755 $PKG/usr/bin/* +gzip -9 $PKG/usr/man/man?/* + +# We'll use the versions of these from the poppler derived work (if they exist here): +( cd $PKG/usr/bin + rm -f pdfinfo pdftops pdftoppm pdftohtml pdftotext pdfimages pdffonts + cd $PKG/usr/man/man1 + for file in pdfinfo pdftops pdftoppm pdftohtml pdftotext pdfimages pdffonts ; do + rm -f ${file}.1.gz + done +) + +# Don't clobber /etc/xpdfrc +mkdir -p $PKG/etc +cat doc/sample-xpdfrc > $PKG/etc/xpdfrc +mv $PKG/etc/xpdfrc $PKG/etc/xpdfrc.new + +# Add desktop menu entry and icon +mkdir -p $PKG/usr/share/{applications,pixmaps} +cat $CWD/xpdf.desktop > $PKG/usr/share/applications/xpdf.desktop +cat xpdf/xpdfIcon.xpm > $PKG/usr/share/pixmaps/xpdfIcon.xpm + +# Add additional language support: +for language in xpdf-arabic xpdf-chinese-simplified xpdf-chinese-traditional xpdf-cyrillic xpdf-greek xpdf-hebrew xpdf-japanese xpdf-korean xpdf-latin2 xpdf-thai xpdf-turkish ; do + rm -rf ${language} + tar xf $CWD/lang/${language}*.tar.gz + ( cd ${language} + echo "Patching for ${language}:" + zcat $CWD/lang/${language}.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 + chown -R root:root . + find . -type f -exec chmod 644 {} \; + cat add-to-xpdfrc >> $PKG/etc/xpdfrc.new + mkdir -p $PKG/usr/share/xpdf/$(echo ${language} | cut -f2- -d -) + cp -a * $PKG/usr/share/xpdf/$(echo ${language} | cut -f2- -d -) + ) || exit 1 +done + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/xpdf-$VERSION +cp -a \ + ANNOUNCE CHANGES COPYING INSTALL README \ + $PKG/usr/doc/xpdf-$VERSION +chmod 0644 $PKG/usr/doc/xpdf-$VERSION/* + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat CHANGES | head -n 1000 > $DOCSDIR/CHANGES + touch -r CHANGES $DOCSDIR/CHANGES +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/xpdf-${VERSION}${PATCHLEVEL}-$ARCH-$BUILD.txz + diff --git a/patches/source/xpdf/xpdf.desktop b/patches/source/xpdf/xpdf.desktop new file mode 100644 index 00000000..51d1a5a6 --- /dev/null +++ b/patches/source/xpdf/xpdf.desktop @@ -0,0 +1,98 @@ +[Desktop Entry] +Name=X PDF +Name[bn]=এক্স পি-ডি-এফ +Name[de]=X-PDF +Name[eo]=XPDF +Name[es]=PDF para X +Name[fr]=XPDF +Name[hi]=एक्स पीडीएफ +Name[ko]=X용 PDF +Name[mn]=X-PDF +Name[nds]=X-PDF +Name[te]=ఎక్స్ పిడిఎఫ్ +MimeType=application/pdf; +GenericName=PDF Viewer +GenericName[af]=Pdf Aansig +GenericName[ar]=عارض الملفات PDF +GenericName[az]=PDF Nümayişçisi +GenericName[be]=Праглядальнік PDF +GenericName[bg]=Преглед на PDF документи +GenericName[bn]=পি-ডি-এফ প্রদর্শক +GenericName[br]=Gweler PDF +GenericName[bs]=Preglednik PDF dokumenata +GenericName[ca]=Visor PDF +GenericName[cs]=Prohlížeč PDF souborů +GenericName[csb]=Przezérnik PDF +GenericName[cy]=Gwelydd PDF +GenericName[da]=PDF-fremviser +GenericName[de]=PDF-Betrachter +GenericName[el]=Προβολέας PDF +GenericName[eo]=PDF-rigardilo +GenericName[es]=Visor de documentos PDF +GenericName[et]=PDF failide vaatamine +GenericName[eu]=PDF ikustailua +GenericName[fa]=مشاهده‌گر PDF +GenericName[fi]=PDF-näytin +GenericName[fo]=PDF-vísari +GenericName[fr]=Afficheur PDF +GenericName[fy]=PDF-werjefteprogramma +GenericName[ga]=Amharcán PDF +GenericName[gl]=Visualizador de PDF +GenericName[he]=מציג קבצי PDF +GenericName[hi]=पीडीएफ प्रदर्शक +GenericName[hr]=Preglednik PDF dokumenata +GenericName[hu]=PDF-nézegető +GenericName[id]=Viewer PDF +GenericName[is]=PDF-sjá +GenericName[it]=Visualizzatore PDF +GenericName[ja]=PDF ビューア +GenericName[kk]=PDF қарау құралы +GenericName[km]=កម្មវិធី​មើល PDF +GenericName[ko]=PDF 보기 +GenericName[lo]=ສະແດງຜົນPDF +GenericName[lt]=PDF Žiūriklis +GenericName[lv]=PDF Skatītājs +GenericName[mk]=Прегледувач на PDF +GenericName[mn]=PDF-Харагч +GenericName[ms]=Pemapar PDF +GenericName[mt]=Werrej PDF +GenericName[nb]=PDF-leser +GenericName[nds]=Kieker för PDF-Dateien +GenericName[ne]=PDF दर्शक +GenericName[nl]=PDF-weergaveprogramma +GenericName[nn]=PDF-lesar +GenericName[nso]=Molebeledi wa PDF +GenericName[oc]=Visualisor PDF +GenericName[pa]=PDF ਦਰਸ਼ਕ +GenericName[pl]=Przeglądarka plików PDF +GenericName[pt]=Visualizador de PDFs +GenericName[pt_BR]=Visualizador de arquivos PDF +GenericName[ro]=Vizualizor de documente PDF +GenericName[ru]=Просмотр PDF +GenericName[rw]=Mugaragaza PDF +GenericName[se]=PDF-logan +GenericName[sk]=Prehliadač PDF súborov +GenericName[sl]=Pregledovalnik datotek PDF +GenericName[sr]=PDF приказивач +GenericName[sr@Latn]=PDF prikazivač +GenericName[ss]=Sibuki se PDF +GenericName[sv]=PDF-visare +GenericName[ta]=PDF காட்சி +GenericName[tg]=Намоишгари PDF +GenericName[th]=ตัวแสดงผล PDF +GenericName[tr]=PDF Görüntüleyici +GenericName[tt]=PDF Kürsätkeç +GenericName[uk]=Переглядач PDF +GenericName[uz]=PDF кўрувчи +GenericName[ven]=Tshivhoni tsha PDF +GenericName[vi]=Trình xem PDF +GenericName[wa]=Håyneu di documints PDF +GenericName[zh_CN]=PDF 查看器 +GenericName[zh_TW]=PDF 檢視程式 +GenericName[zu]=Umbukisi we-PDF +Exec=xpdf +Icon=xpdfIcon +Type=Application +Terminal=false +X-KDE-StartupNotify=false +Categories=Graphics; diff --git a/patches/source/xproto/arch.use.flags b/patches/source/xproto/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/xproto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/xproto/build/xproto b/patches/source/xproto/build/xproto new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/xproto/build/xproto @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/xproto/configure/configure b/patches/source/xproto/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/xproto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/xproto/modularize b/patches/source/xproto/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/xproto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/xproto/noarch b/patches/source/xproto/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/xproto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/xproto/package-blacklist b/patches/source/xproto/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/xproto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/xproto/post-install/xproto.post-install b/patches/source/xproto/post-install/xproto.post-install new file mode 100644 index 00000000..5a3b79b3 --- /dev/null +++ b/patches/source/xproto/post-install/xproto.post-install @@ -0,0 +1,2 @@ +# bloat +rm -rf $PKG/usr/doc/xproto diff --git a/patches/source/xproto/slack-desc/xproto b/patches/source/xproto/slack-desc/xproto new file mode 100644 index 00000000..1c230b1e --- /dev/null +++ b/patches/source/xproto/slack-desc/xproto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xproto: xproto (C prototypes for X Window System Core Protocol) +xproto: +xproto: xproto is part of X11. +xproto: +xproto: For more information about the X.Org Foundation (the providers of the +xproto: X.Org implementation of the X Window System), see their website: +xproto: +xproto: http://www.x.org +xproto: +xproto: +xproto: diff --git a/patches/source/xproto/x11.SlackBuild b/patches/source/xproto/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/xproto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/xproto/xproto.SlackBuild b/patches/source/xproto/xproto.SlackBuild new file mode 100755 index 00000000..34af847e --- /dev/null +++ b/patches/source/xproto/xproto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild proto xproto +mv /tmp/x11-build/xproto*txz /tmp diff --git a/patches/source/xrdb/arch.use.flags b/patches/source/xrdb/arch.use.flags new file mode 100644 index 00000000..f28a6cca --- /dev/null +++ b/patches/source/xrdb/arch.use.flags @@ -0,0 +1,7 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/xrdb/build/xrdb b/patches/source/xrdb/build/xrdb new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/xrdb/build/xrdb @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/xrdb/configure/configure b/patches/source/xrdb/configure/configure new file mode 100644 index 00000000..0f3bccf2 --- /dev/null +++ b/patches/source/xrdb/configure/configure @@ -0,0 +1,12 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/xrdb/modularize b/patches/source/xrdb/modularize new file mode 100644 index 00000000..47da583f --- /dev/null +++ b/patches/source/xrdb/modularize @@ -0,0 +1,293 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +applewmproto +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +constype +damageproto +dmxproto +dri2proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libAppleWM +libFS +libICE +libSM +libWindowsWM +libX11 +libXScrnSaver +libXTrap +libXau +libXaw +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXprintAppUtil +libXprintUtil +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxkbui +listres +lndir +luit +makedepend +mkcfm +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +printproto +proxymngr +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +rstart +scripts +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +trapproto +twm +util-macros +videoproto +viewres +windowswmproto +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xclipboard +xclock +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-citron +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-geode +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-fbdev +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-i810 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nsc +xf86-video-nv +xf86-video-openchrome +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-wsfb +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86rushproto +xf86vidmodeproto +xfd +xfindproxy +xfontsel +xfs +xfsinfo +xfwp +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-sgml-doctools +xphelloworld +xplsprinters +xpr +xprehashprinterlist +xprop +xproto +xproxymanagementprotocol +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetmode +xsetpointer +xsetroot +xsm +xstdcmap +xtrans +xtrap +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/xrdb/noarch b/patches/source/xrdb/noarch new file mode 100644 index 00000000..79eb0e56 --- /dev/null +++ b/patches/source/xrdb/noarch @@ -0,0 +1,81 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scripts +scrnsaverproto +trapproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcb-proto +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86rushproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-cf-files +xorg-docs +xproto +xproxymanagementprotocol +xtrans diff --git a/patches/source/xrdb/package-blacklist b/patches/source/xrdb/package-blacklist new file mode 100644 index 00000000..37762499 --- /dev/null +++ b/patches/source/xrdb/package-blacklist @@ -0,0 +1,39 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/xrdb/slack-desc/xrdb b/patches/source/xrdb/slack-desc/xrdb new file mode 100644 index 00000000..26ea4786 --- /dev/null +++ b/patches/source/xrdb/slack-desc/xrdb @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xrdb: xrdb +xrdb: +xrdb: xrdb is part of X11. +xrdb: +xrdb: For more information about the X.Org Foundation (the providers of the +xrdb: X.Org implementation of the X Window System), see their website: +xrdb: +xrdb: http://www.x.org +xrdb: +xrdb: +xrdb: diff --git a/patches/source/xrdb/x11.SlackBuild b/patches/source/xrdb/x11.SlackBuild new file mode 100755 index 00000000..ca729708 --- /dev/null +++ b/patches/source/xrdb/x11.SlackBuild @@ -0,0 +1,364 @@ +#!/bin/sh +# Copyright 2007-2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc driver font xserver ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/xrdb/xrdb.SlackBuild b/patches/source/xrdb/xrdb.SlackBuild new file mode 100755 index 00000000..cd657e95 --- /dev/null +++ b/patches/source/xrdb/xrdb.SlackBuild @@ -0,0 +1,2 @@ +./x11.SlackBuild app xrdb +mv /tmp/x11-build/xrdb*z /tmp diff --git a/patches/source/yasm/slack-desc b/patches/source/yasm/slack-desc new file mode 100644 index 00000000..fc28253f --- /dev/null +++ b/patches/source/yasm/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +yasm: yasm (complete rewrite of the NASM assembler) +yasm: +yasm: Yasm is a complete rewrite of the NASM assembler under the "new" BSD +yasm: License (some portions are under other licenses, see COPYING for +yasm: details). Yasm currently supports the x86 and AMD64 instruction sets, +yasm: accepts NASM and GAS assembler syntaxes, outputs binary, ELF32, ELF64, +yasm: 32 and 64-bit Mach-O, RDOFF2, COFF, Win32, and Win64 object formats, +yasm: and generates source debugging information in STABS, DWARF 2, and +yasm: CodeView 8 formats. +yasm: +yasm: yasm home: http://www.tortall.net/projects/yasm/ diff --git a/patches/source/yasm/yasm.SlackBuild b/patches/source/yasm/yasm.SlackBuild new file mode 100755 index 00000000..cab3c359 --- /dev/null +++ b/patches/source/yasm/yasm.SlackBuild @@ -0,0 +1,216 @@ +#!/bin/sh +# $Id: yasm.SlackBuild,v 1.7 2009/05/12 20:24:31 root Exp root $ +# Copyright (c) 2008 Eric Hameleers +# Copyright 2010 Patrick Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Permission to use, copy, modify, and distribute this software for +# any purpose with or without fee is hereby granted, provided that +# the above copyright notice and this permission notice appear in all +# copies. +# +# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# ----------------------------------------------------------------------------- +# +# Slackware SlackBuild script +# =========================== +# By: Eric Hameleers +# For: yasm +# Descr: complete rewrite of the NASM assembler +# URL: http://www.tortall.net/projects/yasm/ +# Needs: +# Changelog: +# 0.7.1-1: 16/Jun/2008 by Eric Hameleers +# * Initial build. +# 0.7.2-1: 08/dec/2008 by Eric Hameleers +# * Update. +# 0.8.0-1: 12/may/2009 by Eric Hameleers +# * Update. +# 1.1.0-1: 2010-08-31 by volkerdi@slackware.com +# * Update. +# +# Run 'sh yasm.SlackBuild' to build a Slackware package. +# The package (.txz) plus descriptive .txt file are created in /tmp . +# Install using 'installpkg'. +# +# ----------------------------------------------------------------------------- + +PKGNAM=yasm +VERSION=${VERSION:-1.2.0} +BUILD=${BUILD:-1_slack13.1} +TAG=${TAG:-} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +DOCS="ABOUT-NLS AUTHORS ChangeLog COPYING GNU_* NEWS README *.txt" + +# If you want to disable python bindings, set ENABLE_PYTHON to "NO". +# Building python support requires Cython, which is not shipped with Slackware. +ENABLE_PYTHON=${ENABLE_PYTHON:-"'NO"} + +# Where do we look for sources? +SRCDIR=$(cd $(dirname $0); pwd) + +# Place to build (TMP) package (PKG) and output (OUTPUT) the program: +TMP=${TMP:-/tmp/build} +PKG=$TMP/package-$PKGNAM +OUTPUT=${OUTPUT:-/tmp} + +SOURCE="$SRCDIR/${PKGNAM}-${VERSION}.tar.xz" +SRCURL="http://www.tortall.net/projects/${PKGNAM}/releases/${PKGNAM}-${VERSION}.tar.gz" + +## +## --- with a little luck, you won't have to edit below this point --- ## +## + +# Exit the script on errors: +set -e +trap 'echo "$0 FAILED at line ${LINENO}" | tee $OUTPUT/error-${PKGNAM}.log' ERR +# Catch unitialized variables: +set -u +P1=${1:-1} + +case "$ARCH" in + i486) SLKCFLAGS="-O2 -march=i486 -mtune=i686" + SLKLDFLAGS=""; LIBDIRSUFFIX="" + ;; + s390) SLKCFLAGS="-O2" + SLKLDFLAGS=""; LIBDIRSUFFIX="" + ;; + powerpc) SLKCFLAGS="-O2" + SLKLDFLAGS=""; LIBDIRSUFFIX="" + ;; + x86_64) SLKCFLAGS="-O2 -fPIC" + SLKLDFLAGS="-L/usr/lib64"; LIBDIRSUFFIX="64" + ;; + athlon-xp) SLKCFLAGS="-march=athlon-xp -O3 -pipe -fomit-frame-pointer" + SLKLDFLAGS=""; LIBDIRSUFFIX="" + ;; +esac + +# Create working directories: +mkdir -p $OUTPUT # place for the package to be saved +mkdir -p $TMP/tmp-$PKGNAM # location to build the source +mkdir -p $PKG # place for the package to be built +rm -rf $PKG/* # always erase old package's contents +rm -rf $TMP/tmp-$PKGNAM/* # remove the remnants of previous build + +# Source file availability: +if ! [ -f ${SOURCE} ]; then + if ! [ "x${SRCURL}" == "x" ]; then + # Check if the $SRCDIR is writable at all - if not, download to $OUTPUT + [ -w "$SRCDIR" ] || SOURCE="$OUTPUT/$(basename $SOURCE)" + echo "Source '$(basename ${SOURCE})' not available yet..." + echo "Will download file to $(dirname $SOURCE)" + wget -nv -T 20 -O "${SOURCE}" "${SRCURL}" || true + if [ $? -ne 0 -o ! -s "${SOURCE}" ]; then + echo "Downloading '$(basename ${SOURCE})' failed... aborting the build." + mv -f "${SOURCE}" "${SOURCE}".FAIL + exit 1 + fi + else + echo "File '$(basename ${SOURCE})' not available... aborting the build." + exit 1 + fi +fi + +if [ "$P1" == "--download" ]; then + echo "Download complete." + exit 0 +fi + +# --- PACKAGE BUILDING --- + +echo "++" +echo "|| $PKGNAM-$VERSION" +echo "++" + +cd $TMP/tmp-$PKGNAM +echo "Extracting the source archive(s) for $PKGNAM..." +tar xvf ${SOURCE} +cd ${PKGNAM}-${VERSION} +chown -R root:root . +chmod -R u+w,go+r-w,a-s . + +if [ "$ENABLE_PYTHON" = "YES" ]; then + PYTHONSTUFF="--enable-python --enable-python-bindings" +else + PYTHONSTUFF="" +fi + +echo Building ... +LDFLAGS="$SLKLDFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +CFLAGS="$SLKCFLAGS" \ +./configure --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + ${PYTHONSTUFF} \ + --program-prefix= \ + --program-suffix= \ + --build=$ARCH-slackware-linux \ + 2>&1 | tee $OUTPUT/configure-${PKGNAM}.log +make 2>&1 | tee $OUTPUT/make-${PKGNAM}.log + +# Install all the needed stuff to the package dir +# Use installwatch if available, to produce a logfile of the installation +# process that is more easily readable: +if $(which installwatch > /dev/null 2>&1); then + installwatch -o $OUTPUT/install-${PKGNAM}.log make DESTDIR=$PKG install +else + make DESTDIR=$PKG install 2>&1 |tee $OUTPUT/install-${PKGNAM}.log +fi + +# Add documentation: +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a $DOCS $PKG/usr/doc/$PKGNAM-$VERSION || true +cp -a $SRCDIR/$(basename $0) $PKG/usr/doc/$PKGNAM-$VERSION/$PKGNAM.SlackBuild +chown -R root:root $PKG/usr/doc/$PKGNAM-$VERSION +find $PKG/usr/doc -type f -exec chmod 644 {} \; + +# Remove empty share directory: +rmdir $PKG/usr/share || true + +# Compress the man page(s): +if [ -d $PKG/usr/man ]; then + find $PKG/usr/man -type f -name "*.?" -exec gzip -9f {} \; + for i in $(find $PKG/usr/man -type l -name "*.?") ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +fi + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Add a package description: +mkdir -p $PKG/install +cat $SRCDIR/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +makepkg --linkadd y --chown n $OUTPUT/${PKGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.txz 2>&1 | tee $OUTPUT/makepkg-${PKGNAM}.log +cd $OUTPUT +md5sum ${PKGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.txz > ${PKGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.txz.md5 +cd - +cat $PKG/install/slack-desc | grep "^${PKGNAM}" > $OUTPUT/${PKGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.txt + -- cgit v1.2.3