summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAnthony G. Basile <blueness@gentoo.org>2015-05-22 06:54:44 -0400
committerAnthony G. Basile <blueness@gentoo.org>2015-05-22 06:54:44 -0400
commitf7460605d72e92bee40f1186a930bc863b618cce (patch)
treeb4f716bef318efea6a76d01ce5afc3fa1844a8f3
parentc4bca685e889f06285acedb1a0148e6dbf3388e6 (diff)
downloadhardened-dev-f7460605d72e92bee40f1186a930bc863b618cce.tar.gz
hardened-dev-f7460605d72e92bee40f1186a930bc863b618cce.tar.bz2
hardened-dev-f7460605d72e92bee40f1186a930bc863b618cce.tar.xz
hardened-dev-f7460605d72e92bee40f1186a930bc863b618cce.zip
net-misc/radvd: see bug #549942.
Package-Manager: portage-2.2.18 RepoMan-Options: --force Manifest-Sign-Key: 0xF52D4BBA
-rw-r--r--net-misc/radvd/Manifest10
-rw-r--r--net-misc/radvd/files/radvd-1.9.1.init71
-rw-r--r--net-misc/radvd/files/radvd-2.10-musl-libc-fix.patch87
-rw-r--r--net-misc/radvd/files/radvd.conf11
-rw-r--r--net-misc/radvd/files/radvd.service15
-rw-r--r--net-misc/radvd/files/radvd.tmpfilesd1
-rw-r--r--net-misc/radvd/metadata.xml12
-rw-r--r--net-misc/radvd/radvd-2.10-r99.ebuild72
-rw-r--r--net-misc/radvd/radvd-2.11-r99.ebuild73
9 files changed, 352 insertions, 0 deletions
diff --git a/net-misc/radvd/Manifest b/net-misc/radvd/Manifest
new file mode 100644
index 0000000..a0ba39b
--- /dev/null
+++ b/net-misc/radvd/Manifest
@@ -0,0 +1,10 @@
+AUX radvd-1.9.1.init 1660 SHA256 7043465373b0f80d7b7705079797bacfcb6778ed9da0a854ff6ff8d87e070712 SHA512 098795ce220895e049ec77652c3e93994196a4451560572d91d0cc5ae19cb95cf34a5d7a53fa1edf46f85bb35436a1399061244e47a590706feb439b649c8444 WHIRLPOOL bd8d2cabbbd288ea5f7cfec0ca4c4b200008c2e0de1206f9bd8f80ce5d03928363c112efd67c7d7ea9fd3fc4a535ca84052c10011b75aa53349d9f8b46345c9d
+AUX radvd-2.10-musl-libc-fix.patch 2282 SHA256 8b6b9b40ffb5bf62a222447b79d34dc5bbdf5a685a927ed07b7b75c56c93eec7 SHA512 aa33c08cccf6d59fca13feddd984d6c5c03d2fa9ab596efaa16ad10c1f231454f3eb6a1150ad2d695f8f739bb884b32b27052cbf34bcaa4baee8de9e07e33f88 WHIRLPOOL bde401e4aebc13df63e2b54547dec4a8613979e9e5252ba18ba47b50cb477c9084d7d642c63c9f3aa650e16b0e10c10866fd52bd674b5f3fa246894a84106963
+AUX radvd.conf 445 SHA256 a9c704a481fc7c24d4ed3e21aa6bf8979fca6e81b93d86a86b40e4433d03809c SHA512 386a6cdee43a0aa157760a590b9daa52e06e2c344a8d191a188c6174281734df95b82121e92d3c01e6c0fe76658dbdf6467dee2b30e2e010fc57dc8e0666b2cc WHIRLPOOL 406aed79b6611cef5ae8eff40d474a02539064205f28ef4d3b13b6d7ea5699eaf9fa7d8d373a95d7198f8ad3fd48f15159f93da199266b1913ff789a0f497f21
+AUX radvd.service 371 SHA256 bf32735579f54745e544ccdaccf1dd620c65042bf25ffc37581f3fd0a5a908ad SHA512 36050f79759e8d5a97d4954fbcf455be31ffc7adba1a3b587c1c1e5902c495cfff22f6573b4da7d56476d4b7194e1c5802e7df6f2d7911fc832a3214402f58fd WHIRLPOOL 001bbdda3b7a2b226bd4be7d00ae305ff09b146aa797db50d54f0099a41403dffea17a2799058d10d76e6707bfe052bd0aaf8b215b329cf606c7687eca622d6e
+AUX radvd.tmpfilesd 30 SHA256 da69653b29db8af0f757d9f968882db566c4284a4cc9d7d29516d4c82dd463bb SHA512 d126bc90083e0f8aefda8cbd3cd01ecc9beb0eb05713c2d9fb5315bc10337d927b3c9e52c390e35799d1421078b365793772a712c33028be35280cd083cf65c3 WHIRLPOOL 1a9b3438b9f80503ab2c26fff46aa95aa1b86c181ebda643c133ffb31ae9e81c77f75f263e45b8e226d0fab556be90cbcbf8e774ccd154f2ad34cd888f3928b6
+DIST radvd-2.10.tar.gz 202426 SHA256 b41867c5b0375f786bebbd3fc88776d41927aa392eeba954e4b88f8ec7e8f13e SHA512 cfc34ad414bd07e22519982f8c3fa75cb27eab54131d0af09d6dd5fbb69da3de26fda776593e1a4e2735b63fc7cc2224663665854895d8be459f43ba4012fa26 WHIRLPOOL 5689d137313e75e30f370637bc92f4e242f2a4e2675b0ee34f1824a66e7efcf4ad683e121375623b62f015dd59a664511f2dbcff229c70a9d55c083dc7fef98f
+DIST radvd-2.11.tar.gz 202596 SHA256 80ad60b15689e9591a5af393a57a1d93304deeff2e46482f0fd98046c00622f8 SHA512 35fc641b81cc76de677c8e55a61c8b28d9167d8f40a3fa7adf2a254293ca2d7856ca2c8f6d3bdba391bf873345d3019c0f572ee166eaba011ae874b176c85d4b WHIRLPOOL 058ecf265881963e44267945349e56f1b5bb402b8e4605bd852a8e3ced00419e0028eee70028819433bbc7d596f938d94fef1145ea615c66a975feb9fe4aa56c
+EBUILD radvd-2.10-r99.ebuild 1831 SHA256 c08efad503659d5fb7964b87562b284e0078fcf35619a723eee135670ad0319c SHA512 e45ec08becc0fbb9277b45c7c2931a59e2aefe9a2e33e89e43b7afbc897821fca89172933ea9174769ef02a059e7d557522938b878fb40850e073e7d28612af8 WHIRLPOOL f1622894599c9cdb7cfe8344e19f6bdfec92c1cfa93c88629c448c4a729d0f0b9e89548999066545e9091161607b23c45877801a3f92faba03916dbab033794d
+EBUILD radvd-2.11-r99.ebuild 1877 SHA256 c3d3b0c4b28b348f2b21f979e58aa938765691f8c0d584f0d8e2a60ce2513ac5 SHA512 8daf3862fae9b6ed26cbecdade688851ca3a741a85ffe1743f4df913dcbbc9e70796cecf64dd174ff39543dfa669d299b184ada0498949937e5fe14d28daac20 WHIRLPOOL a351cdfaf234fb894769d5044395c251d421386257178e2ae426f0e2ad757bc0d18c3c4ff80ae2af0a4a329c01b9eacd307aa86fedae18d721abc2e709b7a2b0
+MISC metadata.xml 330 SHA256 40f8466e0dfb2770a66eddc657185e34a39dc389419a758b183a1d229a47e0bd SHA512 e8bdd24745abdcf8129f8fae83b8397bc762ae1cc1010b271a7f5647eed8ccf65a15f7b761d32fb250676a3e081dbe3395fc82934276b73c5595b35ff2e8da80 WHIRLPOOL 2ec6a85e151014a9156007b3e9fc9d3b43aa43dcbd59aeec6de21c94df4e2a4e1b65fc828905c57a62b06ace6aaf1b3cd23e314426d4a0a719b1f61bfccd5ea9
diff --git a/net-misc/radvd/files/radvd-1.9.1.init b/net-misc/radvd/files/radvd-1.9.1.init
new file mode 100644
index 0000000..c44d861
--- /dev/null
+++ b/net-misc/radvd/files/radvd-1.9.1.init
@@ -0,0 +1,71 @@
+#!/sbin/runscript
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/radvd/files/radvd-1.9.1.init,v 1.2 2014/02/18 03:33:37 prometheanfire Exp $
+
+CONFIGFILE=/etc/radvd.conf
+PIDFILE=/var/run/radvd/radvd.pid
+SYSCTL_FORWARD=net.ipv6.conf.all.forwarding
+
+extra_started_commands="reload"
+
+depend() {
+ need net
+}
+
+checkconfig() {
+ if [ ! -f "${CONFIGFILE}" ]; then
+ eerror "Configuration file ${CONFIGFILE} not found"
+ return 1
+ fi
+
+ if ! /usr/sbin/radvd -c -C "${CONFIGFILE}" ; then
+ eerror "Configuration file ${CONFIGFILE} failed test"
+ return 1
+ fi
+
+ checkpath -d -o radvd:radvd ${PIDFILE%/*}
+}
+
+start() {
+ if [ "${FORWARD}" != "no" ]; then
+ ebegin "Enabling IPv6 forwarding"
+ sysctl -w "${SYSCTL_FORWARD}=1" >/dev/null
+ eend $?
+ fi
+
+ checkconfig || return 1
+
+ ebegin "Starting IPv6 Router Advertisement Daemon"
+ start-stop-daemon --start --exec /usr/sbin/radvd \
+ --pidfile "${PIDFILE}" \
+ -- -C "${CONFIGFILE}" -p "${PIDFILE}" -u radvd ${OPTIONS}
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping IPv6 Router Advertisement Daemon"
+ start-stop-daemon --stop --exec /usr/sbin/radvd --pidfile "${PIDFILE}"
+ eend $?
+
+ if [ "${FORWARD}" != "no" ]; then
+ ebegin "Disabling IPv6 forwarding"
+ sysctl -w "${SYSCTL_FORWARD}=0" > /dev/null
+ eend $?
+ fi
+}
+
+reload() {
+ if [ "${FORWARD}" != "no" ]; then
+ ebegin "Enabling IPv6 forwarding"
+ sysctl -w "${SYSCTL_FORWARD}=1" >/dev/null
+ eend $?
+ fi
+
+ checkconfig || return 1
+
+ ebegin "Reloading IPv6 Router Advertisement Daemon"
+ start-stop-daemon --signal HUP \
+ --exec /usr/sbin/radvd --pidfile "${PIDFILE}"
+ eend $?
+}
diff --git a/net-misc/radvd/files/radvd-2.10-musl-libc-fix.patch b/net-misc/radvd/files/radvd-2.10-musl-libc-fix.patch
new file mode 100644
index 0000000..c44f284
--- /dev/null
+++ b/net-misc/radvd/files/radvd-2.10-musl-libc-fix.patch
@@ -0,0 +1,87 @@
+From 1d8973e13d89802eee0b648451e2b97ac65cf9e0 Mon Sep 17 00:00:00 2001
+From: Reuben Hawkins <reubenhwk@gmail.com>
+Date: Sat, 16 May 2015 09:27:38 -0700
+Subject: [PATCH] device-linux.c: IEEE 802.15.4 musl libc fix
+
+The ARPHRD_IEEE802154 macro's definition and name have been recently
+moved around from kernel header to glibc headers. Include linux/if_arp.h
+if available and then use either ARPHRD_IEEE802154_MONITOR or ARPHRD_IEEE802154_PHY,
+whichever comes first.
+---
+ configure.ac | 1 +
+ device-linux.c | 8 ++++++++
+ includes.h | 6 ++++++
+ 3 files changed, 15 insertions(+)
+
+diff --git a/configure.ac b/configure.ac
+index 0c1efd6..4bd4c9d 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -156,6 +156,7 @@ AC_HEADER_STDC
+ AC_CHECK_HEADERS( \
+ getopt.h \
+ ifaddrs.h \
++ linux/if_arp.h \
+ machine/limits.h \
+ machine/param.h \
+ net/if_arp.h \
+diff --git a/device-linux.c b/device-linux.c
+index fa7d978..de83f2e 100644
+--- a/device-linux.c
++++ b/device-linux.c
+@@ -79,10 +79,12 @@ int update_device_info(int sock, struct Interface *iface)
+ iface->sllao.if_maxmtu = -1;
+ break;
+ #endif /* ARPHDR_ARCNET */
++#ifdef ARPHRD_IEEE802154
+ case ARPHRD_IEEE802154:
+ iface->sllao.if_hwaddr_len = 64;
+ iface->sllao.if_prefix_len = 64;
+ break;
++#endif
+ default:
+ iface->sllao.if_hwaddr_len = -1;
+ iface->sllao.if_prefix_len = -1;
+@@ -371,9 +373,15 @@ static char const *hwstr(unsigned short sa_family)
+ case ARPHRD_IEEE802154:
+ rc = "ARPHRD_IEEE802154";
+ break;
++#if ARPHRD_IEEE802154_MONITOR
++ case ARPHRD_IEEE802154_MONITOR:
++ rc = "ARPHRD_IEEE802154_MONITOR";
++ break;
++#elif ARPHRD_IEEE802154_PHY
+ case ARPHRD_IEEE802154_PHY:
+ rc = "ARPHRD_IEEE802154_PHY";
+ break;
++#endif
+ case ARPHRD_VOID:
+ rc = "ARPHRD_VOID";
+ break;
+diff --git a/includes.h b/includes.h
+index 39a36d2..d2449c4 100644
+--- a/includes.h
++++ b/includes.h
+@@ -81,9 +81,11 @@
+ #ifdef HAVE_NET_IF_DL_H
+ #include <net/if_dl.h>
+ #endif
++
+ #ifdef HAVE_NET_IF_TYPES_H
+ #include <net/if_types.h>
+ #endif
++
+ #if defined(HAVE_NET_IF_ARP_H) && !defined(ARPHRD_ETHER)
+ #include <net/if_arp.h>
+ #endif /* defined(HAVE_NET_IF_ARP_H) && !defined(ARPHRD_ETHER) */
+@@ -100,3 +102,7 @@
+ #include <ifaddrs.h>
+ #endif
+
++#ifdef HAVE_LINUX_IF_ARP_H
++#include <linux/if_arp.h>
++#endif
++
+--
+2.3.6
+
diff --git a/net-misc/radvd/files/radvd.conf b/net-misc/radvd/files/radvd.conf
new file mode 100644
index 0000000..e025c68
--- /dev/null
+++ b/net-misc/radvd/files/radvd.conf
@@ -0,0 +1,11 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/radvd/files/radvd.conf,v 1.1 2006/07/19 13:02:36 uberlord Exp $
+
+# Extra options to pass to radvd
+OPTIONS=""
+
+# Set this to "no" to tell the init script NOT to set up IPv6 forwarding
+# using /proc/sys/net/ipv6/conf/all/forwarding
+# Only change this if you know what you're doing!
+FORWARD="yes"
diff --git a/net-misc/radvd/files/radvd.service b/net-misc/radvd/files/radvd.service
new file mode 100644
index 0000000..d9095f6
--- /dev/null
+++ b/net-misc/radvd/files/radvd.service
@@ -0,0 +1,15 @@
+[Unit]
+Description=Router advertisement daemon for IPv6
+Documentation=man:radvd(8)
+After=network.target
+
+[Service]
+Type=forking
+ExecStart=/usr/sbin/radvd --username radvd --logmethod stderr --debug 0
+ExecReload=/usr/sbin/radvd --configtest ; \
+ /bin/kill -HUP $MAINPID
+CPUSchedulingPolicy=idle
+PIDFile=/run/radvd/radvd.pid
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-misc/radvd/files/radvd.tmpfilesd b/net-misc/radvd/files/radvd.tmpfilesd
new file mode 100644
index 0000000..26f203d
--- /dev/null
+++ b/net-misc/radvd/files/radvd.tmpfilesd
@@ -0,0 +1 @@
+d /run/radvd 0755 radvd radvd
diff --git a/net-misc/radvd/metadata.xml b/net-misc/radvd/metadata.xml
new file mode 100644
index 0000000..74f40b3
--- /dev/null
+++ b/net-misc/radvd/metadata.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer>
+ <email>xmw@gentoo.org</email>
+ <name>Michael Weber</name>
+ </maintainer>
+ <maintainer>
+ <email>prometheanfire@gentoo.org</email>
+ <name>Matthew Thode</name>
+ </maintainer>
+</pkgmetadata>
diff --git a/net-misc/radvd/radvd-2.10-r99.ebuild b/net-misc/radvd/radvd-2.10-r99.ebuild
new file mode 100644
index 0000000..fa4e771
--- /dev/null
+++ b/net-misc/radvd/radvd-2.10-r99.ebuild
@@ -0,0 +1,72 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/radvd/radvd-2.10.ebuild,v 1.5 2015/05/21 13:29:04 ago Exp $
+
+EAPI=4
+
+inherit systemd user eutils readme.gentoo
+
+DESCRIPTION="Linux IPv6 Router Advertisement Daemon"
+HOMEPAGE="http://v6web.litech.org/radvd/"
+SRC_URI="http://v6web.litech.org/radvd/dist/${P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="amd64 ~arm hppa ppc ~sparc x86 ~x86-fbsd"
+IUSE="kernel_FreeBSD selinux"
+
+CDEPEND="dev-libs/libdaemon"
+DEPEND="${CDEPEND}
+ dev-libs/check
+ sys-devel/bison
+ sys-devel/flex
+ virtual/pkgconfig"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-radvd )
+"
+DOCS=( CHANGES README TODO radvd.conf.example )
+
+pkg_setup() {
+ enewgroup radvd
+ enewuser radvd -1 -1 /dev/null radvd
+
+ # force ownership of radvd user and group (bug #19647)
+ [[ -d ${ROOT}/var/run/radvd ]] && chown radvd:radvd "${ROOT}"/var/run/radvd
+}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${PN}-2.10-musl-libc-fix.patch
+}
+
+src_configure() {
+ econf --with-pidfile=/var/run/radvd/radvd.pid \
+ --disable-silent-rules
+}
+
+src_install() {
+ default
+
+ dohtml INTRO.html
+
+ newinitd "${FILESDIR}"/${PN}-1.9.1.init ${PN}
+ newconfd "${FILESDIR}"/${PN}.conf ${PN}
+
+ systemd_dounit "${FILESDIR}"/${PN}.service
+ systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfilesd ${PN}.conf
+
+ if use kernel_FreeBSD ; then
+ sed -i -e \
+ 's/^SYSCTL_FORWARD=.*$/SYSCTL_FORWARD=net.inet6.ip6.forwarding/g' \
+ "${D}"/etc/init.d/${PN} || die
+ fi
+
+ readme.gentoo_create_doc
+}
+
+DISABLE_AUTOFORMATTING=1
+DOC_CONTENTS="Please create a configuratoion ${ROOT}etc/radvd.conf.
+See ${ROOT}usr/share/doc/${PF} for an example.
+
+grsecurity users should allow a specific group to read /proc
+and add the radvd user to that group, otherwise radvd may
+segfault on startup."
diff --git a/net-misc/radvd/radvd-2.11-r99.ebuild b/net-misc/radvd/radvd-2.11-r99.ebuild
new file mode 100644
index 0000000..b66e624
--- /dev/null
+++ b/net-misc/radvd/radvd-2.11-r99.ebuild
@@ -0,0 +1,73 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/radvd/radvd-2.11.ebuild,v 1.1 2015/04/24 01:35:16 xmw Exp $
+
+EAPI=4
+
+inherit systemd user eutils readme.gentoo
+
+DESCRIPTION="Linux IPv6 Router Advertisement Daemon"
+HOMEPAGE="http://v6web.litech.org/radvd/"
+SRC_URI="http://v6web.litech.org/radvd/dist/${P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~hppa ~ppc ~sparc ~x86 ~x86-fbsd"
+IUSE="kernel_FreeBSD selinux test"
+
+CDEPEND="dev-libs/libdaemon"
+DEPEND="${CDEPEND}
+ sys-devel/bison
+ sys-devel/flex
+ virtual/pkgconfig
+ test? ( dev-libs/check )"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-radvd )
+"
+DOCS=( CHANGES README TODO radvd.conf.example )
+
+pkg_setup() {
+ enewgroup radvd
+ enewuser radvd -1 -1 /dev/null radvd
+
+ # force ownership of radvd user and group (bug #19647)
+ [[ -d ${ROOT}/var/run/radvd ]] && chown radvd:radvd "${ROOT}"/var/run/radvd
+}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${PN}-2.10-musl-libc-fix.patch
+}
+
+src_configure() {
+ econf --with-pidfile=/var/run/radvd/radvd.pid \
+ --disable-silent-rules \
+ $(use_with test check)
+}
+
+src_install() {
+ default
+
+ dohtml INTRO.html
+
+ newinitd "${FILESDIR}"/${PN}-1.9.1.init ${PN}
+ newconfd "${FILESDIR}"/${PN}.conf ${PN}
+
+ systemd_dounit "${FILESDIR}"/${PN}.service
+ systemd_newtmpfilesd "${FILESDIR}"/${PN}.tmpfilesd ${PN}.conf
+
+ if use kernel_FreeBSD ; then
+ sed -i -e \
+ 's/^SYSCTL_FORWARD=.*$/SYSCTL_FORWARD=net.inet6.ip6.forwarding/g' \
+ "${D}"/etc/init.d/${PN} || die
+ fi
+
+ readme.gentoo_create_doc
+}
+
+DISABLE_AUTOFORMATTING=1
+DOC_CONTENTS="Please create a configuratoion ${ROOT}etc/radvd.conf.
+See ${ROOT}usr/share/doc/${PF} for an example.
+
+grsecurity users should allow a specific group to read /proc
+and add the radvd user to that group, otherwise radvd may
+segfault on startup."