Date: Sat, 26 Jan 2019 10:50:44 +0000 (UTC) From: Kubilay Kocak <koobs@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r491260 - in head/net/libzmq4: . files Message-ID: <201901261050.x0QAoicH057157@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: koobs Date: Sat Jan 26 10:50:44 2019 New Revision: 491260 URL: https://svnweb.freebsd.org/changeset/ports/491260 Log: net/libzmq4: Update to 4.3.1 - Use upstream provided methods for verbose builds and disabling -Werror - Pet portlint (USES order) - Add patch to fix flaky tests [1] This release fixes a remote code execution vulnerability (CVE-2019-6250) Changelog: https://github.com/zeromq/libzmq/releases/tag/v4.3.1 PR: 230575 [1] Reported by: tobik Security: 8e48365a-214d-11e9-9f8a-0050562a4d7b MFH: 2019Q1 Added: head/net/libzmq4/files/ head/net/libzmq4/files/patch-PR3358 (contents, props changed) head/net/libzmq4/files/patch-PR3359 (contents, props changed) Modified: head/net/libzmq4/Makefile head/net/libzmq4/distinfo head/net/libzmq4/pkg-plist Modified: head/net/libzmq4/Makefile ============================================================================== --- head/net/libzmq4/Makefile Sat Jan 26 10:48:48 2019 (r491259) +++ head/net/libzmq4/Makefile Sat Jan 26 10:50:44 2019 (r491260) @@ -2,7 +2,7 @@ PORTNAME= libzmq4 DISTVERSIONPREFIX= v -DISTVERSION= 4.2.3 +DISTVERSION= 4.3.1 CATEGORIES= net MASTER_SITES= https://github.com/zeromq/libzmq/releases/download/${DISTVERSIONFULL}/ DISTNAME= zeromq-${DISTVERSION} @@ -13,10 +13,11 @@ COMMENT= ZeroMQ core library (Version 4) LICENSE= LGPL3 LICENSE_FILE= ${WRKSRC}/COPYING -CONFLICTS= zmq-[0-9]* libzmq[^4]-[0-9]* - USES= gmake libtool pkgconfig USE_LDCONFIG= yes + +CONFLICTS= zmq-[0-9]* libzmq[^4]-[0-9]* + GNU_CONFIGURE= yes INSTALL_TARGET= install-strip TEST_TARGET= check @@ -59,10 +60,11 @@ SODIUM_PLIST_FILES= bin/curve_keygen TWEETNACL_PLIST_FILES= bin/curve_keygen -CONFIGURE_ARGS+= --with-pkgconfigdir=${PREFIX}/libdata/pkgconfig --disable-static +CONFIGURE_ARGS+= --with-pkgconfigdir=${PREFIX}/libdata/pkgconfig \ + --disable-static \ + --disable-Werror \ + --disable-silent-rules CFLAGS+= -Wno-long-long -CPPFLAGS+= -Wno-error -MAKE_ENV= V=1 .include <bsd.port.options.mk> Modified: head/net/libzmq4/distinfo ============================================================================== --- head/net/libzmq4/distinfo Sat Jan 26 10:48:48 2019 (r491259) +++ head/net/libzmq4/distinfo Sat Jan 26 10:50:44 2019 (r491260) @@ -1,3 +1,5 @@ -TIMESTAMP = 1513839554 -SHA256 (zeromq-4.2.3.tar.gz) = 8f1e2b2aade4dbfde98d82366d61baef2f62e812530160d2e6d0a5bb24e40bc0 -SIZE (zeromq-4.2.3.tar.gz) = 1326780 +TIMESTAMP = 1548469918 +SHA256 (zeromq-4.3.1.tar.gz) = bcbabe1e2c7d0eec4ed612e10b94b112dd5f06fcefa994a0c79a45d835cd21eb +SIZE (zeromq-4.3.1.tar.gz) = 1490122 +SHA256 (/usr/home/koobs/repos/freebsd/ports/net/libzmq4/files/PR3358) = 63572ed3a8fa7e1d0f3d251b0aab32a94d1b9b841a53a0a715a8cafccca3289d +SIZE (/usr/home/koobs/repos/freebsd/ports/net/libzmq4/files/PR3358) = 6240 Added: head/net/libzmq4/files/patch-PR3358 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/libzmq4/files/patch-PR3358 Sat Jan 26 10:50:44 2019 (r491260) @@ -0,0 +1,179 @@ +From 4147957a5eec57ec7a2a416dca74c3c0299a3432 Mon Sep 17 00:00:00 2001 +From: Luca Boccassi <bluca@debian.org> +Date: Sun, 13 Jan 2019 13:08:10 +0000 +Subject: [PATCH 1/2] Problem: test_security_zap fails on architectures that + disallow unaligned pointer access + +Solution: use memcpy instead of doing pointer arithmetics with casting +and dereferencing to fix the error on sparc64 +--- + tests/testutil_security.hpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git tests/testutil_security.hpp tests/testutil_security.hpp +index 90999118c..437bfb298 100644 +--- tests/testutil_security.hpp ++++ tests/testutil_security.hpp +@@ -345,7 +345,7 @@ static int get_monitor_event_internal (void *monitor_, + uint8_t *data = (uint8_t *) zmq_msg_data (&msg); + uint16_t event = *(uint16_t *) (data); + if (value_) +- *value_ = *(uint32_t *) (data + 2); ++ memcpy (value_, data + 2, sizeof (uint32_t)); + + // Second frame in message contains event address + zmq_msg_init (&msg); + +From f64b697095c6d8862bdfd2a159857e915bbf20ee Mon Sep 17 00:00:00 2001 +From: Luca Boccassi <bluca@debian.org> +Date: Sun, 13 Jan 2019 14:50:07 +0000 +Subject: [PATCH 2/2] Problem: tests use hard-coded fixed IPC file path + +Solution: use wildcards or random directories to avoid races when +multiple users are running the same test on the same machine +--- + tests/test_pair_ipc.cpp | 9 +++++++-- + tests/test_rebind_ipc.cpp | 13 ++++++++----- + tests/test_reconnect_ivl.cpp | 10 +++++++--- + tests/test_use_fd.cpp | 24 +++++++++++++++++++----- + 4 files changed, 41 insertions(+), 15 deletions(-) + +diff --git tests/test_pair_ipc.cpp tests/test_pair_ipc.cpp +index c9a216dd2..ab4dde350 100644 +--- tests/test_pair_ipc.cpp ++++ tests/test_pair_ipc.cpp +@@ -44,11 +44,16 @@ void tearDown () + + void test_roundtrip () + { ++ char my_endpoint[256]; ++ size_t len = sizeof (my_endpoint); ++ + void *sb = test_context_socket (ZMQ_PAIR); +- TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb, "ipc:///tmp/test_pair_ipc")); ++ TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb, "ipc://*")); ++ TEST_ASSERT_SUCCESS_ERRNO ( ++ zmq_getsockopt (sb, ZMQ_LAST_ENDPOINT, my_endpoint, &len)); + + void *sc = test_context_socket (ZMQ_PAIR); +- TEST_ASSERT_SUCCESS_ERRNO (zmq_connect (sc, "ipc:///tmp/test_pair_ipc")); ++ TEST_ASSERT_SUCCESS_ERRNO (zmq_connect (sc, my_endpoint)); + + bounce (sb, sc); + +diff --git tests/test_rebind_ipc.cpp tests/test_rebind_ipc.cpp +index 830d18030..784641270 100644 +--- tests/test_rebind_ipc.cpp ++++ tests/test_rebind_ipc.cpp +@@ -42,24 +42,27 @@ void tearDown () + teardown_test_context (); + } + +-static const char *SOCKET_ADDR = "ipc:///tmp/test_rebind_ipc"; +- + void test_rebind_ipc () + { ++ char my_endpoint[256]; ++ size_t len = sizeof (my_endpoint); ++ + void *sb0 = test_context_socket (ZMQ_PUSH); + void *sb1 = test_context_socket (ZMQ_PUSH); + +- TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb0, SOCKET_ADDR)); ++ TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb0, "ipc://*")); ++ TEST_ASSERT_SUCCESS_ERRNO ( ++ zmq_getsockopt (sb0, ZMQ_LAST_ENDPOINT, my_endpoint, &len)); + + void *sc = test_context_socket (ZMQ_PULL); +- TEST_ASSERT_SUCCESS_ERRNO (zmq_connect (sc, SOCKET_ADDR)); ++ TEST_ASSERT_SUCCESS_ERRNO (zmq_connect (sc, my_endpoint)); + + send_string_expect_success (sb0, "42", 0); + recv_string_expect_success (sc, "42", 0); + + test_context_socket_close (sb0); + +- TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb1, SOCKET_ADDR)); ++ TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb1, my_endpoint)); + + send_string_expect_success (sb1, "42", 0); + recv_string_expect_success (sc, "42", 0); +diff --git tests/test_reconnect_ivl.cpp tests/test_reconnect_ivl.cpp +index b67b40e5f..6dd0e4cd2 100644 +--- tests/test_reconnect_ivl.cpp ++++ tests/test_reconnect_ivl.cpp +@@ -71,11 +71,15 @@ void test_reconnect_ivl_against_pair_socket (const char *my_endpoint_, + #if !defined(ZMQ_HAVE_WINDOWS) && !defined(ZMQ_HAVE_GNU) + void test_reconnect_ivl_ipc (void) + { +- const char *ipc_endpoint = "ipc:///tmp/test_reconnect_ivl"; ++ char my_endpoint[256]; ++ size_t len = sizeof (my_endpoint); ++ + void *sb = test_context_socket (ZMQ_PAIR); +- TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb, ipc_endpoint)); ++ TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb, "ipc://*")); ++ TEST_ASSERT_SUCCESS_ERRNO ( ++ zmq_getsockopt (sb, ZMQ_LAST_ENDPOINT, my_endpoint, &len)); + +- test_reconnect_ivl_against_pair_socket (ipc_endpoint, sb); ++ test_reconnect_ivl_against_pair_socket (my_endpoint, sb); + test_context_socket_close (sb); + } + #endif +diff --git tests/test_use_fd.cpp tests/test_use_fd.cpp +index 67414f5bf..e9852b13d 100644 +--- tests/test_use_fd.cpp ++++ tests/test_use_fd.cpp +@@ -237,24 +237,38 @@ void pre_allocate_sock_ipc_int (void *zmq_socket_, const char *path_) + sizeof (struct sockaddr_un)); + } + ++char ipc_endpoint[16]; ++ + void pre_allocate_sock_ipc (void *sb_, char *my_endpoint_) + { +- pre_allocate_sock_ipc_int (sb_, "/tmp/test_use_fd_ipc"); +- strcpy (my_endpoint_, "ipc:///tmp/test_use_fd_ipc"); ++ strcpy (ipc_endpoint, "tmpXXXXXX"); ++ ++#ifdef HAVE_MKDTEMP ++ TEST_ASSERT_TRUE (mkdtemp (ipc_endpoint)); ++ strcat (ipc_endpoint, "/ipc"); ++#else ++ int fd = mkstemp (ipc_endpoint); ++ TEST_ASSERT_TRUE (fd != -1); ++ close (fd); ++#endif ++ ++ pre_allocate_sock_ipc_int (sb_, ipc_endpoint); ++ strcpy (my_endpoint_, "ipc://"); ++ strcat (my_endpoint_, ipc_endpoint); + } + + void test_req_rep_ipc () + { + test_req_rep (pre_allocate_sock_ipc); + +- TEST_ASSERT_SUCCESS_ERRNO (unlink ("/tmp/test_use_fd_ipc")); ++ TEST_ASSERT_SUCCESS_ERRNO (unlink (ipc_endpoint)); + } + + void test_pair_ipc () + { + test_pair (pre_allocate_sock_ipc); + +- TEST_ASSERT_SUCCESS_ERRNO (unlink ("/tmp/test_use_fd_ipc")); ++ TEST_ASSERT_SUCCESS_ERRNO (unlink (ipc_endpoint)); + } + + void test_client_server_ipc () +@@ -262,7 +276,7 @@ void test_client_server_ipc () + #if defined(ZMQ_SERVER) && defined(ZMQ_CLIENT) + test_client_server (pre_allocate_sock_ipc); + +- TEST_ASSERT_SUCCESS_ERRNO (unlink ("/tmp/test_use_fd_ipc")); ++ TEST_ASSERT_SUCCESS_ERRNO (unlink (ipc_endpoint)); + #endif + } + Added: head/net/libzmq4/files/patch-PR3359 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/libzmq4/files/patch-PR3359 Sat Jan 26 10:50:44 2019 (r491260) @@ -0,0 +1,45 @@ +From d55956574d3b98268ec31045b012029ffc4b1a8c Mon Sep 17 00:00:00 2001 +From: Luca Boccassi <bluca@debian.org> +Date: Mon, 14 Jan 2019 00:10:08 +0000 +Subject: [PATCH] Problem: test_rebind_ipc still fails + +Solution: create manually the random IPC file to reuse +--- + tests/test_rebind_ipc.cpp | 20 +++++++++++++++----- + 1 file changed, 15 insertions(+), 5 deletions(-) + +diff --git tests/test_rebind_ipc.cpp tests/test_rebind_ipc.cpp +index 784641270..b14cb81d9 100644 +--- tests/test_rebind_ipc.cpp ++++ tests/test_rebind_ipc.cpp +@@ -44,15 +44,25 @@ void tearDown () + + void test_rebind_ipc () + { +- char my_endpoint[256]; +- size_t len = sizeof (my_endpoint); ++ char my_endpoint[32], random_file[16]; ++ strcpy (random_file, "tmpXXXXXX"); ++ ++#ifdef HAVE_MKDTEMP ++ TEST_ASSERT_TRUE (mkdtemp (random_file)); ++ strcat (random_file, "/ipc"); ++#else ++ int fd = mkstemp (random_file); ++ TEST_ASSERT_TRUE (fd != -1); ++ close (fd); ++#endif ++ ++ strcpy (my_endpoint, "ipc://"); ++ strcat (my_endpoint, random_file); + + void *sb0 = test_context_socket (ZMQ_PUSH); + void *sb1 = test_context_socket (ZMQ_PUSH); + +- TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb0, "ipc://*")); +- TEST_ASSERT_SUCCESS_ERRNO ( +- zmq_getsockopt (sb0, ZMQ_LAST_ENDPOINT, my_endpoint, &len)); ++ TEST_ASSERT_SUCCESS_ERRNO (zmq_bind (sb0, my_endpoint)); + + void *sc = test_context_socket (ZMQ_PULL); + TEST_ASSERT_SUCCESS_ERRNO (zmq_connect (sc, my_endpoint)); Modified: head/net/libzmq4/pkg-plist ============================================================================== --- head/net/libzmq4/pkg-plist Sat Jan 26 10:48:48 2019 (r491259) +++ head/net/libzmq4/pkg-plist Sat Jan 26 10:50:44 2019 (r491260) @@ -2,7 +2,7 @@ include/zmq_utils.h include/zmq.h lib/libzmq.so lib/libzmq.so.5 -lib/libzmq.so.5.1.3 +lib/libzmq.so.5.2.1 libdata/pkgconfig/libzmq.pc %%MANPAGES%%man/man3/zmq_atomic_counter_dec.3.gz %%MANPAGES%%man/man3/zmq_atomic_counter_destroy.3.gz @@ -42,6 +42,7 @@ libdata/pkgconfig/libzmq.pc %%MANPAGES%%man/man3/zmq_msg_set_routing_id.3.gz %%MANPAGES%%man/man3/zmq_msg_size.3.gz %%MANPAGES%%man/man3/zmq_poll.3.gz +%%MANPAGES%%man/man3/zmq_poller.3.gz %%MANPAGES%%man/man3/zmq_proxy.3.gz %%MANPAGES%%man/man3/zmq_proxy_steerable.3.gz %%MANPAGES%%man/man3/zmq_recv.3.gz @@ -53,6 +54,7 @@ libdata/pkgconfig/libzmq.pc %%MANPAGES%%man/man3/zmq_socket.3.gz %%MANPAGES%%man/man3/zmq_socket_monitor.3.gz %%MANPAGES%%man/man3/zmq_strerror.3.gz +%%MANPAGES%%man/man3/zmq_timers.3.gz %%MANPAGES%%man/man3/zmq_unbind.3.gz %%MANPAGES%%man/man3/zmq_version.3.gz %%MANPAGES%%man/man3/zmq_z85_decode.3.gz
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201901261050.x0QAoicH057157>