On 2019/11/08 16:07, Joerg Jung wrote: > > > On 8. Nov 2019, at 11:46, Frederic Cambus <f...@statdns.com> wrote: > > > > Hi ports@, > > > > Here is a diff to update gdnsd to 2.4.3. This fixes CVE-2019-13952. > > > > While there, switch MASTER_SITES to HTTPS. > > > > Comments? OK? > > ok jung@ > > RUN_DEPENDS should be updated from GeoIP -> libmaxminddb
As-is, it doesn't pick up libmaxminddb so it probably can't use the new db. But here's an new diff that enables it. Index: Makefile =================================================================== RCS file: /cvs/ports/net/gdnsd/Makefile,v retrieving revision 1.22 diff -u -p -r1.22 Makefile --- Makefile 12 Jul 2019 20:48:26 -0000 1.22 +++ Makefile 8 Nov 2019 16:02:28 -0000 @@ -2,7 +2,7 @@ COMMENT= geographically-aware, authoritative-only DNS server -V= 2.4.0 +V= 2.4.3 DISTNAME= gdnsd-$V EXTRACT_SUFX= .tar.xz @@ -15,7 +15,7 @@ MAINTAINER= Joerg Jung <j...@openbsd.or # GPLv3+ PERMIT_PACKAGE= Yes -WANTLIB= c ev m pthread +WANTLIB= c ev m maxminddb pthread MASTER_SITES= https://github.com/gdnsd/gdnsd/releases/download/v$V/ @@ -28,9 +28,10 @@ BUILD_DEPENDS= devel/ragel # used for tests BUILD_DEPENDS+= archivers/xz \ net/curl -LIB_DEPENDS= devel/libev -RUN_DEPENDS= net/GeoIP,-city \ - net/GeoIP,-db +LIB_DEPENDS= devel/libev \ + net/libmaxminddb +RUN_DEPENDS= net/libmaxminddb,-city \ + net/libmaxminddb,-db TEST_DEPENDS= ${BUILD_DEPENDS} \ www/p5-libwww \ net/p5-Socket6 \ @@ -39,11 +40,12 @@ TEST_DEPENDS= ${BUILD_DEPENDS} \ LIBTOOL_FLAGS= --tag=disable-static -CONFIGURE_STYLE= gnu +CONFIGURE_STYLE= autoconf +AUTOCONF_VERSION= 2.69 CONFIGURE_ARGS+= --with-rundir=${VARBASE}/run/ \ --with-rootdir=${VARBASE}/gdnsd -CONFIGURE_ENV= LIBEV_LIBS="-L${LOCALBASE}/lib -lev" \ - LIBEV_CFLAGS="-I${LOCALBASE}/include" +CONFIGURE_ENV= LDFLAGS="-L${LOCALBASE}/lib" \ + CPPFLAGS="-I${LOCALBASE}/include" SUBST_VARS+= VARBASE Index: distinfo =================================================================== RCS file: /cvs/ports/net/gdnsd/distinfo,v retrieving revision 1.4 diff -u -p -r1.4 distinfo --- distinfo 12 Jul 2018 16:31:10 -0000 1.4 +++ distinfo 8 Nov 2019 16:02:28 -0000 @@ -1,2 +1,2 @@ -SHA256 (gdnsd-2.4.0.tar.xz) = PVbMuycFTcFVg52U3xNtdgrDYavoaKpqjD2/yeRku5k= -SIZE (gdnsd-2.4.0.tar.xz) = 641820 +SHA256 (gdnsd-2.4.3.tar.xz) = I318pId2027zSaFd2kpYEGze8uvgRzqwXfmW31NueBc= +SIZE (gdnsd-2.4.3.tar.xz) = 641580 Index: patches/patch-configure =================================================================== RCS file: patches/patch-configure diff -N patches/patch-configure --- patches/patch-configure 9 Jan 2018 19:56:56 -0000 1.3 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,24 +0,0 @@ -$OpenBSD: patch-configure,v 1.3 2018/01/09 19:56:56 jung Exp $ - -Silence warnings about base headers, drowning real warnings. - -Index: configure ---- configure.orig -+++ configure -@@ -14630,7 +14630,6 @@ for flag in \ - -Wnull-dereference \ - -Wold-style-definition \ - -Wpointer-arith \ -- -Wredundant-decls \ - -Wshadow \ - -Wsign-conversion \ - -Wshift-overflow=2 \ -@@ -16283,7 +16282,7 @@ else - fi - - GDNSD_DEFPATH_CONFIG="${sysconfdir}/${PACKAGE_NAME}" --GDNSD_DEFPATH_STATE="${localstatedir}/lib/${PACKAGE_NAME}" -+GDNSD_DEFPATH_STATE="${localstatedir}/${PACKAGE_NAME}" - GDNSD_DEFPATH_LIB="${libdir}/${PACKAGE_NAME}" - GDNSD_DEFPATH_LIBEXEC="${libexecdir}/${PACKAGE_NAME}" - Index: patches/patch-configure_ac =================================================================== RCS file: patches/patch-configure_ac diff -N patches/patch-configure_ac --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-configure_ac 8 Nov 2019 16:02:28 -0000 @@ -0,0 +1,24 @@ +$OpenBSD$ + +Silence warnings about base headers, drowning real warnings. + +Index: configure.ac +--- configure.ac.orig ++++ configure.ac +@@ -167,7 +167,6 @@ AX_APPEND_COMPILE_FLAGS([\ + -Wnull-dereference \ + -Wold-style-definition \ + -Wpointer-arith \ +- -Wredundant-decls \ + -Wshadow \ + -Wsign-conversion \ + -Wshift-overflow=2 \ +@@ -445,7 +444,7 @@ AC_ARG_WITH([rundir],[AS_HELP_STRING([--with-rundir=LO + GDNSD_DEFPATH_RUN="${localstatedir}/run/${PACKAGE_NAME}" + ]) + GDNSD_DEFPATH_CONFIG="${sysconfdir}/${PACKAGE_NAME}" +-GDNSD_DEFPATH_STATE="${localstatedir}/lib/${PACKAGE_NAME}" ++GDNSD_DEFPATH_STATE="${localstatedir}/${PACKAGE_NAME}" + GDNSD_DEFPATH_LIB="${libdir}/${PACKAGE_NAME}" + GDNSD_DEFPATH_LIBEXEC="${libexecdir}/${PACKAGE_NAME}" + AC_SUBST([GDNSD_DEFPATH_RUN]) Index: pkg/PLIST =================================================================== RCS file: /cvs/ports/net/gdnsd/pkg/PLIST,v retrieving revision 1.3 diff -u -p -r1.3 PLIST --- pkg/PLIST 23 Jun 2016 16:15:58 -0000 1.3 +++ pkg/PLIST 8 Nov 2019 16:02:28 -0000 @@ -2,6 +2,9 @@ @newgroup _gdnsd:743 @newuser _gdnsd:743:_gdnsd:daemon:gdns user:/var/empty:/sbin/nologin @extraunexec rm -f ${SYSCONFDIR}/gdnsd/* ${SYSCONFDIR}/gdnsd/zones/* +@sample ${SYSCONFDIR}/gdnsd/ +@sample ${SYSCONFDIR}/gdnsd/zones/ +@rcscript ${RCDIR}/gdnsd @bin bin/gdnsd_geoip_test include/gdnsd/ include/gdnsd/alloc.h @@ -63,6 +66,3 @@ share/doc/gdnsd/NEWS share/doc/gdnsd/README.md share/doc/gdnsd/gdnsd_manual.txt @sample ${VARBASE}/gdnsd/ -@sample ${SYSCONFDIR}/gdnsd/ -@sample ${SYSCONFDIR}/gdnsd/zones/ -@rcscript ${RCDIR}/gdnsd