Date: Fri, 5 Feb 2016 17:38:15 +0000 (UTC) From: Guido Falsi <madpilot@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r408238 - in branches/2016Q1/net: asterisk asterisk/files asterisk11 asterisk13 asterisk13/files Message-ID: <201602051738.u15HcFN3095520@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: madpilot Date: Fri Feb 5 17:38:14 2016 New Revision: 408238 URL: https://svnweb.freebsd.org/changeset/ports/408238 Log: MFH: r406243 r408026 - Update net/asterisk11 to 11.21.0 - Update net/asterisk13 to 13.7.0 - Add security fixes to net/asterisk port (PORTVERSION bumped) - Update net/asterisk11 to 11.21.1 - Update net/asterisk13 to 13.7.1 The security update included in these commits introduces an unexpected incompatibility with FreeBSD 9.3 bundled OpenSSL. Unluckily simply forcing this port to use ports provided openssl on 9.x isn't viable, since ftp/curl by default links with base openssl. A default binary package would just crash on startup when loading the asterisk curl module, due to conflicting openssl implementations being used. This commit adds a check in the Makefile, copied from the ftp/curl port, which removes the offending (and unsupported on that openssl version) code from the source file when linking against base OpenSSL on 9.x. Security: 559f3d1b-cb1d-11e5-80a4-001999f8d30b Approved by: ports-secteam (feld) Added: branches/2016Q1/net/asterisk/files/patch-AST-2016-001 - copied unchanged from r408026, head/net/asterisk/files/patch-AST-2016-001 branches/2016Q1/net/asterisk/files/patch-AST-2016-002 - copied unchanged from r408026, head/net/asterisk/files/patch-AST-2016-002 branches/2016Q1/net/asterisk/files/patch-AST-2016-003 - copied unchanged from r408026, head/net/asterisk/files/patch-AST-2016-003 Modified: branches/2016Q1/net/asterisk/Makefile branches/2016Q1/net/asterisk11/Makefile branches/2016Q1/net/asterisk11/distinfo branches/2016Q1/net/asterisk13/Makefile branches/2016Q1/net/asterisk13/distinfo branches/2016Q1/net/asterisk13/files/patch-Makefile Directory Properties: branches/2016Q1/ (props changed) Modified: branches/2016Q1/net/asterisk/Makefile ============================================================================== --- branches/2016Q1/net/asterisk/Makefile Fri Feb 5 17:37:29 2016 (r408237) +++ branches/2016Q1/net/asterisk/Makefile Fri Feb 5 17:38:14 2016 (r408238) @@ -3,7 +3,7 @@ PORTNAME= asterisk PORTVERSION= 1.8.32.3 -PORTREVISION= 3 +PORTREVISION= 5 CATEGORIES= net MASTER_SITES= http://downloads.asterisk.org/pub/telephony/%SUBDIR%/:main,g729 MASTER_SITE_SUBDIR= asterisk/:main \ @@ -223,6 +223,9 @@ post-patch: @${REINPLACE_CMD} -e '/#define HAVE_SYSINFO 1/d' ${WRKSRC}/configure @${REINPLACE_CMD} -e '/%%LIBSYSINFO%%/d' ${WRKSRC}/main/Makefile .endif +.if ${OPSYS} == FreeBSD && (${OSVERSION} < 1000015 && !(defined(WITH_OPENSSL_PORT) || (!defined(WITH_OPENSSL_BASE) && exists(${LOCALBASE}/lib/libcrypto.so)))) + @${REINPLACE_CMD} -e 's/SSL_OP_NO_TLSv1[_12]*;/0;/' ${WRKSRC}/main/tcptls.c +.endif .if exists(${FILESDIR}/.asterisk.makeopts) USER_MAKEOPTS_FILE=${FILESDIR}/.asterisk.makeopts Copied: branches/2016Q1/net/asterisk/files/patch-AST-2016-001 (from r408026, head/net/asterisk/files/patch-AST-2016-001) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2016Q1/net/asterisk/files/patch-AST-2016-001 Fri Feb 5 17:38:14 2016 (r408238, copy of r408026, head/net/asterisk/files/patch-AST-2016-001) @@ -0,0 +1,140 @@ +diff --git a/configs/http.conf.sample b/configs/http.conf.sample +index 1a7f4fd..9a06fcf 100644 +--- configs/http.conf.sample ++++ configs/http.conf.sample +@@ -67,10 +67,31 @@ bindaddr=127.0.0.1 + ; If no path is given for tlscertfile or tlsprivatekey, default is to look in current + ; directory. If no tlsprivatekey is given, default is to search tlscertfile for private key. + ; ++; + ; To produce a certificate you can e.g. use openssl. This places both the cert and + ; private in same .pem file. + ; openssl req -new -x509 -days 365 -nodes -out /tmp/foo.pem -keyout /tmp/foo.pem + ; ++; tlscipher= ; The list of allowed ciphers ++; ; if none are specified the following cipher ++; ; list will be used instead: ++; ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384: ++; ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256: ++; kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA: ++; ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384: ++; ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA: ++; DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA: ++; AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA: ++; AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH: ++; !EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA ++; ++; tlsdisablev1=yes ; Disable TLSv1 support - if not set this defaults to "yes" ++; tlsdisablev11=yes ; Disable TLSv1.1 support - if not set this defaults to "no" ++; tlsdisablev12=yes ; Disable TLSv1.2 support - if not set this defaults to "no" ++; ++; tlsservercipherorder=yes ; Use the server preference order instead of the client order ++; ; Defaults to "yes" ++; + ; The post_mappings section maps URLs to real paths on the filesystem. If a + ; POST is done from within an authenticated manager session to one of the + ; configured POST mappings, then any files in the POST will be placed in the +diff --git a/include/asterisk/tcptls.h b/include/asterisk/tcptls.h +index f3f5e1f..eb7166f 100644 +--- include/asterisk/tcptls.h ++++ include/asterisk/tcptls.h +@@ -79,7 +79,15 @@ enum ast_ssl_flags { + /*! Use SSLv3 for outgoing client connections */ + AST_SSL_SSLV3_CLIENT = (1 << 4), + /*! Use TLSv1 for outgoing client connections */ +- AST_SSL_TLSV1_CLIENT = (1 << 5) ++ AST_SSL_TLSV1_CLIENT = (1 << 5), ++ /*! Use server cipher order instead of the client order */ ++ AST_SSL_SERVER_CIPHER_ORDER = (1 << 6), ++ /*! Disable TLSv1 support */ ++ AST_SSL_DISABLE_TLSV1 = (1 << 7), ++ /*! Disable TLSv1.1 support */ ++ AST_SSL_DISABLE_TLSV11 = (1 << 8), ++ /*! Disable TLSv1.2 support */ ++ AST_SSL_DISABLE_TLSV12 = (1 << 9), + }; + + struct ast_tls_config { +diff --git a/main/http.c b/main/http.c +index 9bebbe7..4bfa985 100644 +--- main/http.c ++++ main/http.c +@@ -1118,10 +1118,13 @@ static int __ast_http_load(int reload) + } + http_tls_cfg.pvtfile = ast_strdup(""); + ++ /* Apply modern intermediate settings according to the Mozilla OpSec team as of July 30th, 2015 but disable TLSv1 */ ++ ast_set_flag(&http_tls_cfg.flags, AST_SSL_DISABLE_TLSV1 | AST_SSL_SERVER_CIPHER_ORDER); ++ + if (http_tls_cfg.cipher) { + ast_free(http_tls_cfg.cipher); + } +- http_tls_cfg.cipher = ast_strdup(""); ++ http_tls_cfg.cipher = ast_strdup("ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA"); + + AST_RWLIST_WRLOCK(&uri_redirects); + while ((redirect = AST_RWLIST_REMOVE_HEAD(&uri_redirects, entry))) { +@@ -1146,8 +1149,6 @@ static int __ast_http_load(int reload) + && strcasecmp(v->name, "tlsdontverifyserver") + && strcasecmp(v->name, "tlsclientmethod") + && strcasecmp(v->name, "sslclientmethod") +- && strcasecmp(v->name, "tlscipher") +- && strcasecmp(v->name, "sslcipher") + && !ast_tls_read_conf(&http_tls_cfg, &https_desc, v->name, v->value)) { + continue; + } +diff --git a/main/tcptls.c b/main/tcptls.c +index a5a2af6..f73c2aa 100644 +--- main/tcptls.c ++++ main/tcptls.c +@@ -749,6 +749,7 @@ static int __ssl_setup(struct ast_tls_config *cfg, int client) + return 0; + #else + int disable_ssl = 0; ++ long ssl_opts = 0; + + if (!cfg->enabled) + return 0; +@@ -793,11 +794,24 @@ static int __ssl_setup(struct ast_tls_config *cfg, int client) + * them. SSLv23_*_method supports TLSv1+. + */ + if (disable_ssl) { +- long ssl_opts; ++ ssl_opts |= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3; ++ } ++ ++ if (ast_test_flag(&cfg->flags, AST_SSL_SERVER_CIPHER_ORDER)) { ++ ssl_opts |= SSL_OP_CIPHER_SERVER_PREFERENCE; ++ } + +- ssl_opts = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3; +- SSL_CTX_set_options(cfg->ssl_ctx, ssl_opts); ++ if (ast_test_flag(&cfg->flags, AST_SSL_DISABLE_TLSV1)) { ++ ssl_opts |= SSL_OP_NO_TLSv1; + } ++ if (ast_test_flag(&cfg->flags, AST_SSL_DISABLE_TLSV11)) { ++ ssl_opts |= SSL_OP_NO_TLSv1_1; ++ } ++ if (ast_test_flag(&cfg->flags, AST_SSL_DISABLE_TLSV12)) { ++ ssl_opts |= SSL_OP_NO_TLSv1_2; ++ } ++ ++ SSL_CTX_set_options(cfg->ssl_ctx, ssl_opts); + + SSL_CTX_set_verify(cfg->ssl_ctx, + ast_test_flag(&cfg->flags, AST_SSL_VERIFY_CLIENT) ? SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT : SSL_VERIFY_NONE, +@@ -1109,6 +1123,14 @@ int ast_tls_read_conf(struct ast_tls_config *tls_cfg, struct ast_tcptls_session_ + ast_clear_flag(&tls_cfg->flags, AST_SSL_TLSV1_CLIENT); + ast_clear_flag(&tls_cfg->flags, AST_SSL_SSLV3_CLIENT); + } ++ } else if (!strcasecmp(varname, "tlsservercipherorder")) { ++ ast_set2_flag(&tls_cfg->flags, ast_true(value), AST_SSL_SERVER_CIPHER_ORDER); ++ } else if (!strcasecmp(varname, "tlsdisablev1")) { ++ ast_set2_flag(&tls_cfg->flags, ast_true(value), AST_SSL_DISABLE_TLSV1); ++ } else if (!strcasecmp(varname, "tlsdisablev11")) { ++ ast_set2_flag(&tls_cfg->flags, ast_true(value), AST_SSL_DISABLE_TLSV11); ++ } else if (!strcasecmp(varname, "tlsdisablev12")) { ++ ast_set2_flag(&tls_cfg->flags, ast_true(value), AST_SSL_DISABLE_TLSV12); + } else { + return -1; + } Copied: branches/2016Q1/net/asterisk/files/patch-AST-2016-002 (from r408026, head/net/asterisk/files/patch-AST-2016-002) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2016Q1/net/asterisk/files/patch-AST-2016-002 Fri Feb 5 17:38:14 2016 (r408238, copy of r408026, head/net/asterisk/files/patch-AST-2016-002) @@ -0,0 +1,18 @@ +diff --git a/channels/chan_sip.c b/channels/chan_sip.c +index 5de304a..277eec7 100644 +--- channels/chan_sip.c ++++ channels/chan_sip.c +@@ -3771,6 +3771,13 @@ static int retrans_pkt(const void *data) + } + + /* For non-invites, a maximum of 4 secs */ ++ if (INT_MAX / pkt->timer_a < pkt->timer_t1) { ++ /* ++ * Uh Oh, we will have an integer overflow. ++ * Recalculate previous timeout time instead. ++ */ ++ pkt->timer_a = pkt->timer_a / 2; ++ } + siptimer_a = pkt->timer_t1 * pkt->timer_a; /* Double each time */ + if (pkt->method != SIP_INVITE && siptimer_a > 4000) { + siptimer_a = 4000; Copied: branches/2016Q1/net/asterisk/files/patch-AST-2016-003 (from r408026, head/net/asterisk/files/patch-AST-2016-003) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2016Q1/net/asterisk/files/patch-AST-2016-003 Fri Feb 5 17:38:14 2016 (r408238, copy of r408026, head/net/asterisk/files/patch-AST-2016-003) @@ -0,0 +1,28 @@ +diff --git a/main/udptl.c b/main/udptl.c +index a8244e8..6960487 100644 +--- main/udptl.c ++++ main/udptl.c +@@ -231,16 +231,15 @@ static int decode_open_type(uint8_t *buf, unsigned int limit, unsigned int *len, + if (decode_length(buf, limit, len, &octet_cnt) != 0) + return -1; + +- if (octet_cnt > 0) { +- /* Make sure the buffer contains at least the number of bits requested */ +- if ((*len + octet_cnt) > limit) +- return -1; +- +- *p_num_octets = octet_cnt; +- *p_object = &buf[*len]; +- *len += octet_cnt; ++ /* Make sure the buffer contains at least the number of bits requested */ ++ if ((*len + octet_cnt) > limit) { ++ return -1; + } + ++ *p_num_octets = octet_cnt; ++ *p_object = &buf[*len]; ++ *len += octet_cnt; ++ + return 0; + } + /*- End of function --------------------------------------------------------*/ Modified: branches/2016Q1/net/asterisk11/Makefile ============================================================================== --- branches/2016Q1/net/asterisk11/Makefile Fri Feb 5 17:37:29 2016 (r408237) +++ branches/2016Q1/net/asterisk11/Makefile Fri Feb 5 17:38:14 2016 (r408238) @@ -1,8 +1,7 @@ # $FreeBSD$ PORTNAME= asterisk -PORTVERSION= 11.20.0 -PORTREVISION= 1 +PORTVERSION= 11.21.1 CATEGORIES= net MASTER_SITES= http://downloads.asterisk.org/pub/telephony/%SUBDIR%/:main,g729 MASTER_SITE_SUBDIR= asterisk/:main \ @@ -228,6 +227,9 @@ post-patch: @${REINPLACE_CMD} -e '/#define HAVE_SYSINFO 1/d' ${WRKSRC}/configure @${REINPLACE_CMD} -e '/%%LIBSYSINFO%%/d' ${WRKSRC}/main/Makefile .endif +.if ${OPSYS} == FreeBSD && (${OSVERSION} < 1000015 && !(defined(WITH_OPENSSL_PORT) || (!defined(WITH_OPENSSL_BASE) && exists(${LOCALBASE}/lib/libcrypto.so)))) + @${REINPLACE_CMD} -e 's/SSL_OP_NO_TLSv1[_12]*;/0;/' ${WRKSRC}/main/tcptls.c +.endif .if exists(${FILESDIR}/.asterisk.makeopts) USER_MAKEOPTS_FILE=${FILESDIR}/.asterisk.makeopts Modified: branches/2016Q1/net/asterisk11/distinfo ============================================================================== --- branches/2016Q1/net/asterisk11/distinfo Fri Feb 5 17:37:29 2016 (r408237) +++ branches/2016Q1/net/asterisk11/distinfo Fri Feb 5 17:38:14 2016 (r408238) @@ -1,5 +1,5 @@ -SHA256 (asterisk-11.20.0.tar.gz) = ba3a26a7ea2b76884ad4984b0694fc9814d98bb373e0cbe42c64962f666720f4 -SIZE (asterisk-11.20.0.tar.gz) = 34864289 +SHA256 (asterisk-11.21.1.tar.gz) = d02afbdda172a6bb98883350d64f83ce865fcea01642a05067ca2c916c3a1ee5 +SIZE (asterisk-11.21.1.tar.gz) = 34867941 SHA256 (asterisk-core-sounds-en-g729-1.4.27.tar.gz) = f5d21ca8305b29ea84fb4603c65c041483ea3a9cd0bf313eb4f098342a29af5f SIZE (asterisk-core-sounds-en-g729-1.4.27.tar.gz) = 1408055 SHA256 (asterisk-moh-opsound-g729-2.03.tar.gz) = 0147ca9a97f0c550227aacb7793499057c4d2c64e021c95f93722f27d5549585 Modified: branches/2016Q1/net/asterisk13/Makefile ============================================================================== --- branches/2016Q1/net/asterisk13/Makefile Fri Feb 5 17:37:29 2016 (r408237) +++ branches/2016Q1/net/asterisk13/Makefile Fri Feb 5 17:38:14 2016 (r408238) @@ -1,8 +1,7 @@ # $FreeBSD$ PORTNAME= asterisk -PORTVERSION= 13.6.0 -PORTREVISION= 1 +PORTVERSION= 13.7.1 CATEGORIES= net MASTER_SITES= http://downloads.asterisk.org/pub/telephony/%SUBDIR%/:main,g729 MASTER_SITE_SUBDIR= asterisk/:main \ @@ -250,6 +249,9 @@ post-patch: @${REINPLACE_CMD} -e '/#define HAVE_SYSINFO 1/d' ${WRKSRC}/configure @${REINPLACE_CMD} -e '/%%LIBSYSINFO%%/d' ${WRKSRC}/main/Makefile .endif +.if ${OPSYS} == FreeBSD && (${OSVERSION} < 1000015 && !(defined(WITH_OPENSSL_PORT) || (!defined(WITH_OPENSSL_BASE) && exists(${LOCALBASE}/lib/libcrypto.so)))) + @${REINPLACE_CMD} -e 's/SSL_OP_NO_TLSv1[_12]*;/0;/' ${WRKSRC}/main/tcptls.c +.endif .if exists(${FILESDIR}/.asterisk.makeopts) USER_MAKEOPTS_FILE=${FILESDIR}/.asterisk.makeopts Modified: branches/2016Q1/net/asterisk13/distinfo ============================================================================== --- branches/2016Q1/net/asterisk13/distinfo Fri Feb 5 17:37:29 2016 (r408237) +++ branches/2016Q1/net/asterisk13/distinfo Fri Feb 5 17:38:14 2016 (r408238) @@ -1,5 +1,5 @@ -SHA256 (asterisk-13.6.0.tar.gz) = 8a01b53c946d092ac561c11b404f68cd328306d0e3b434a7485a11d4b175005a -SIZE (asterisk-13.6.0.tar.gz) = 32146107 +SHA256 (asterisk-13.7.1.tar.gz) = f96bb621da63e1d1814cdd25cd92a6ebb976655938d25e4f6e53196411e5804d +SIZE (asterisk-13.7.1.tar.gz) = 32176324 SHA256 (asterisk-core-sounds-en-g729-1.4.27.tar.gz) = f5d21ca8305b29ea84fb4603c65c041483ea3a9cd0bf313eb4f098342a29af5f SIZE (asterisk-core-sounds-en-g729-1.4.27.tar.gz) = 1408055 SHA256 (asterisk-moh-opsound-g729-2.03.tar.gz) = 0147ca9a97f0c550227aacb7793499057c4d2c64e021c95f93722f27d5549585 Modified: branches/2016Q1/net/asterisk13/files/patch-Makefile ============================================================================== --- branches/2016Q1/net/asterisk13/files/patch-Makefile Fri Feb 5 17:37:29 2016 (r408237) +++ branches/2016Q1/net/asterisk13/files/patch-Makefile Fri Feb 5 17:38:14 2016 (r408238) @@ -1,4 +1,4 @@ ---- Makefile.orig 2015-07-24 22:20:17 UTC +--- Makefile.orig 2015-12-15 18:01:38 UTC +++ Makefile @@ -128,7 +128,7 @@ ASTTOPDIR:=$(subst $(space),\$(space),$( OVERWRITE=y @@ -14,7 +14,7 @@ # Default install directory for DAHDI hooks. -DAHDI_UDEV_HOOK_DIR = /usr/share/dahdi/span_config.d -+# DAHDI_UDEV_HOOK_DIR = /usr/share/dahdi/span_config.d ++#DAHDI_UDEV_HOOK_DIR = /usr/share/dahdi/span_config.d # This Makefile previously contained a note about the ability to use .asterisk.makeopts # from your home directory or /etc/asterisk.makeopts to set defaults for menuselect. @@ -51,7 +51,7 @@ installdirs: @for i in $(INSTALLDIRS); do \ -@@ -602,10 +607,10 @@ bininstall: _all installdirs $(SUBDIRS_I +@@ -603,10 +608,10 @@ bininstall: _all installdirs $(SUBDIRS_I if [ -f contrib/firmware/iax/iaxy.bin ] ; then \ $(INSTALL) -m 644 contrib/firmware/iax/iaxy.bin "$(DESTDIR)$(ASTDATADIR)/firmware/iax/iaxy.bin"; \ fi @@ -66,7 +66,7 @@ $(SUBDIRS_INSTALL): +@DESTDIR="$(DESTDIR)" ASTSBINDIR="$(ASTSBINDIR)" $(SUBMAKE) -C $(@:-install=) install -@@ -638,7 +643,7 @@ ifneq ($(filter ~%,$(DESTDIR)),) +@@ -639,7 +644,7 @@ ifneq ($(filter ~%,$(DESTDIR)),) @exit 1 endif @@ -75,18 +75,11 @@ @if [ -x /usr/sbin/asterisk-post-install ]; then \ /usr/sbin/asterisk-post-install "$(DESTDIR)" . ; \ fi -@@ -680,29 +685,16 @@ adsi: - else \ - echo "Installing $$x" ; \ - fi ; \ -- $(INSTALL) -m 644 "$$x" "$(DESTDIR)$(ASTETCDIR)/`$(BASENAME) $$x`" ; \ -+ $(INSTALL) -m 644 $$x $(DESTDIR)$(ASTETCDIR)/`$(BASENAME) $$x`.sample ; \ - done - - samples: adsi - @echo Installing other config files... - @for x in configs/samples/*.sample; do \ -- dst="$(DESTDIR)$(ASTETCDIR)/`$(BASENAME) $$x .sample`" ; \ +@@ -682,23 +687,10 @@ upgrade: bininstall + # (2) the extension to strip off + define INSTALL_CONFIGS + @for x in configs/$(1)/*$(2); do \ +- dst="$(DESTDIR)$(ASTETCDIR)/`$(BASENAME) $$x $(2)`"; \ - if [ -f "$${dst}" ]; then \ - if [ "$(OVERWRITE)" = "y" ]; then \ - if cmp -s "$${dst}" "$$x" ; then \ @@ -102,13 +95,13 @@ echo "Installing file $$x"; \ - $(INSTALL) -m 644 "$$x" "$${dst}" ;\ + $(INSTALL) -m 644 $$x $(DESTDIR)$(ASTETCDIR)/`$(BASENAME) $$x .sample`.sample ; \ - done + done ; \ - if [ "$(OVERWRITE)" = "y" ]; then \ -+ @if true; then \ ++ if true; then \ echo "Updating asterisk.conf" ; \ sed -e 's|^astetcdir.*$$|astetcdir => $(ASTETCDIR)|' \ -e 's|^astmoddir.*$$|astmoddir => $(ASTMODDIR)|' \ -@@ -715,15 +707,15 @@ samples: adsi +@@ -711,8 +703,8 @@ define INSTALL_CONFIGS -e 's|^astrundir.*$$|astrundir => $(ASTVARRUNDIR)|' \ -e 's|^astlogdir.*$$|astlogdir => $(ASTLOGDIR)|' \ -e 's|^astsbindir.*$$|astsbindir => $(ASTSBINDIR)|' \ @@ -117,13 +110,14 @@ + "$(DESTDIR)$(ASTCONFPATH).sample" > "$(DESTDIR)$(ASTCONFPATH).tmp" ; \ + $(INSTALL) -m 644 "$(DESTDIR)$(ASTCONFPATH).tmp" "$(DESTDIR)$(ASTCONFPATH).sample" ; \ rm -f "$(DESTDIR)$(ASTCONFPATH).tmp" ; \ - fi ; \ - $(INSTALL) -d "$(DESTDIR)$(ASTSPOOLDIR)/voicemail/default/1234/INBOX" - build_tools/make_sample_voicemail "$(DESTDIR)/$(ASTDATADIR)" "$(DESTDIR)/$(ASTSPOOLDIR)" - - @for x in phoneprov/*; do \ -- dst="$(DESTDIR)$(ASTDATADIR)/$$x" ; \ -+ dst="$(DESTDIR)$(ASTDATADIR)/$$x" ; \ - if [ -f "$${dst}" ]; then \ - if [ "$(OVERWRITE)" = "y" ]; then \ - if cmp -s "$${dst}" "$$x" ; then \ + fi + endef +@@ -728,7 +720,7 @@ adsi: + else \ + echo "Installing $$x" ; \ + fi ; \ +- $(INSTALL) -m 644 "$$x" "$(DESTDIR)$(ASTETCDIR)/`$(BASENAME) $$x`" ; \ ++ $(INSTALL) -m 644 $$x $(DESTDIR)$(ASTETCDIR)/`$(BASENAME) $$x`.sample ; \ + done + + samples: adsi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201602051738.u15HcFN3095520>