commit: c417d2a49de69fa60b408e6bc9c2a372caffe1f8
Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Tue Jan 17 15:58:30 2017 +0000
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Tue Jan 17 16:23:30 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c417d2a4
net-misc/dhcp: Security cleanup (bug #576866).
Package-Manager: Portage-2.3.3, Repoman-2.3.1
net-misc/dhcp/Manifest | 1 -
net-misc/dhcp/dhcp-4.3.3_p1.ebuild | 258 -------------
net-misc/dhcp/files/dhcp-4.0-dhclient-ntp.patch | 216 -----------
.../dhcp/files/dhcp-4.2.0-errwarn-message.patch | 31 --
.../files/dhcp-4.2.2-dhclient-resolvconf.patch | 409 ---------------------
net-misc/dhcp/files/dhcp-4.3.3-bind-disable.patch | 30 --
6 files changed, 945 deletions(-)
diff --git a/net-misc/dhcp/Manifest b/net-misc/dhcp/Manifest
index f3d15ab..3341a29 100644
--- a/net-misc/dhcp/Manifest
+++ b/net-misc/dhcp/Manifest
@@ -1,3 +1,2 @@
-DIST dhcp-4.3.3-P1.tar.gz 9204043 SHA256
c11e896dffa1bfbc49462965d3f6dec45534e34068603546d9a236f2aa669921 SHA512
7e14268b4acaa82c807af9d956f76f4327a9a75d36273a244fef74dbd54e7506e8b38ce6035e56f61ab09a19bfc0a40599f76c89dc342514f1048b5ac3b2a0eb
WHIRLPOOL
a0a6873e2f1625cfa208c328ed2d6ec507e239456d6eba24f5731a83ba16f5fbb36f0d6d99fd33fb9045cbf051116196a57c6c2ded2b36e93964475ad29d2b0e
DIST dhcp-4.3.4.tar.gz 9302513 SHA256
f5115aee3dd3e6925de4ba47b80ab732ba48b481c8364b6ebade2d43698d607e SHA512
411c3f0e1effedb2a95f00539d13164530a56b50830008eb78906b3c8bf4070c331cf54a431770aed5d1b6ba214840446964210060674f746781cc97842ad706
WHIRLPOOL
ea283592268c8efabd7fec430bd21c45306822b9275c91ee1e604d09e92f9eb3c50941ea11ecd9dcb230caec3b8e6ee94958e8eb6375e0ca0e7a64a8aaf63bce
DIST dhcp-4.3.5.tar.gz 10075147 SHA256
eb95936bf15d2393c55dd505bc527d1d4408289cec5a9fa8abb99f7577e7f954 SHA512
aba0e1d361eb9e7ed33fc48c0b0b9288057af9ec51775e40e27feb9ababc182506706fcf39079236ce36b0f7ded391e107474dc29de2e60ed45d37753505e1f0
WHIRLPOOL
85012016d81efb7654ec417e7a0f1a6145e8e143b13d6d9470d0fb7caf37c035441d5b2b8849d332f8ad0a9a6509bb0b931ac8f207f7ba9104e96811c0360124
diff --git a/net-misc/dhcp/dhcp-4.3.3_p1.ebuild
b/net-misc/dhcp/dhcp-4.3.3_p1.ebuild
deleted file mode 100644
index 60860e6..00000000
--- a/net-misc/dhcp/dhcp-4.3.3_p1.ebuild
+++ /dev/null
@@ -1,258 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-
-inherit eutils systemd toolchain-funcs user
-
-MY_PV="${PV//_alpha/a}"
-MY_PV="${MY_PV//_beta/b}"
-MY_PV="${MY_PV//_rc/rc}"
-MY_PV="${MY_PV//_p/-P}"
-MY_P="${PN}-${MY_PV}"
-DESCRIPTION="ISC Dynamic Host Configuration Protocol (DHCP) client/server"
-HOMEPAGE="http://www.isc.org/products/DHCP";
-SRC_URI="ftp://ftp.isc.org/isc/dhcp/${MY_P}.tar.gz
- ftp://ftp.isc.org/isc/dhcp/${MY_PV}/${MY_P}.tar.gz";
-
-LICENSE="ISC BSD SSLeay GPL-2" # GPL-2 only for init script
-SLOT="0"
-KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh
sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd"
-IUSE="+client ipv6 kernel_linux ldap libressl selinux +server ssl vim-syntax"
-
-DEPEND="
- client? (
- kernel_linux? (
- ipv6? ( sys-apps/iproute2 )
- sys-apps/net-tools
- )
- )
- ldap? (
- net-nds/openldap
- ssl? (
- !libressl? ( dev-libs/openssl:0 )
- libressl? ( dev-libs/libressl )
- )
- )"
-RDEPEND="${DEPEND}
- selinux? ( sec-policy/selinux-dhcp )
- vim-syntax? ( app-vim/dhcpd-syntax )"
-
-S="${WORKDIR}/${MY_P}"
-
-src_unpack() {
- unpack ${A}
- # handle local bind hell
- cd "${S}"/bind
- unpack ./bind.tar.gz
-}
-
-src_prepare() {
- # Gentoo patches - these will probably never be accepted upstream
- # Fix some permission issues
- epatch "${FILESDIR}"/${PN}-3.0-fix-perms.patch
- # Enable dhclient to equery NTP servers
- epatch "${FILESDIR}"/${PN}-4.0-dhclient-ntp.patch
- epatch "${FILESDIR}"/${PN}-4.3.1-dhclient-resolvconf.patch
- # Stop downing the interface on Linux as that breaks link daemons
- # such as wpa_supplicant and netplug
- epatch "${FILESDIR}"/${PN}-3.0.3-dhclient-no-down.patch
- # Enable dhclient to get extra configuration from stdin
- epatch "${FILESDIR}"/${PN}-4.2.2-dhclient-stdin-conf.patch
- epatch "${FILESDIR}"/${PN}-4.2.2-nogateway.patch #265531
- epatch "${FILESDIR}"/${PN}-4.2.4-quieter-ping.patch #296921
- epatch "${FILESDIR}"/${PN}-4.2.4-always-accept-4.patch #437108
- epatch "${FILESDIR}"/${PN}-4.2.5-iproute2-path.patch #480636
- epatch "${FILESDIR}"/${PN}-4.2.5-bindtodevice-inet6.patch #471142
- epatch "${FILESDIR}"/${PN}-4.3.3-ldap-ipv6-client-id.patch #559832
-
- # Brand the version with Gentoo
- sed -i \
- -e "/VERSION=/s:'$: Gentoo-${PR}':" \
- configure || die
-
- # Change the hook script locations of the scripts
- sed -i \
- -e 's,/etc/dhclient-exit-hooks,/etc/dhcp/dhclient-exit-hooks,g'
\
- -e
's,/etc/dhclient-enter-hooks,/etc/dhcp/dhclient-enter-hooks,g' \
- client/scripts/* || die
-
- # No need for the linux script to force bash #158540
- sed -i -e 's,#!/bin/bash,#!/bin/sh,' client/scripts/linux || die
-
- # Quiet the freebsd logger a little
- sed -i -e '/LOGGER=/ s/-s -p user.notice //g' client/scripts/freebsd ||
die
-
- # Remove these options from the sample config
- sed -i -r \
- -e "/(script|host-name|domain-name) /d" \
- client/dhclient.conf.example || die
-
- if use client && ! use server ; then
- sed -i -r \
- -e '/^SUBDIRS/s:\<(dhcpctl|relay|server)\>::g' \
- Makefile.in || die
- elif ! use client && use server ; then
- sed -i -r \
- -e '/^SUBDIRS/s:\<client\>::' \
- Makefile.in || die
- fi
-
- # Only install different man pages if we don't have en
- if [[ " ${LINGUAS} " != *" en "* ]]; then
- # Install Japanese man pages
- if [[ " ${LINGUAS} " == *" ja "* && -d doc/ja_JP.eucJP ]]; then
- einfo "Installing Japanese documention"
- cp doc/ja_JP.eucJP/dhclient* client
- cp doc/ja_JP.eucJP/dhcp* common
- fi
- fi
- # Now remove the non-english docs so there are no errors later
- rm -rf doc/ja_JP.eucJP
-
- # make the bind build work
- binddir=${S}/bind
- cd "${binddir}" || die
- cat <<-EOF > bindvar.tmp
- binddir=${binddir}
- GMAKE=${MAKE:-gmake}
- EOF
- epatch "${FILESDIR}"/${PN}-4.3.3-bind-disable.patch
- cd bind-*/
- epatch "${FILESDIR}"/${PN}-4.2.2-bind-parallel-build.patch #380717
- epatch "${FILESDIR}"/${PN}-4.2.2-bind-build-flags.patch
-}
-
-src_configure() {
- # bind defaults to stupid `/usr/bin/ar`
- tc-export AR BUILD_CC
- export ac_cv_path_AR=${AR}
-
- # this is tested for by the bind build system, and can cause trouble
- # when cross-building; since dhcp itself doesn't make use of libcap,
- # simply disable it.
- export ac_cv_lib_cap_cap_set_proc=no
-
- # Use FHS sane paths ... some of these have configure options,
- # but not all, so just do it all here.
- local e="/etc/dhcp" r="/var/run/dhcp" l="/var/lib/dhcp"
- cat <<-EOF >> includes/site.h
- #define _PATH_DHCPD_CONF "${e}/dhcpd.conf"
- #define _PATH_DHCLIENT_CONF "${e}/dhclient.conf"
- #define _PATH_DHCPD_DB "${l}/dhcpd.leases"
- #define _PATH_DHCPD6_DB "${l}/dhcpd6.leases"
- #define _PATH_DHCLIENT_DB "${l}/dhclient.leases"
- #define _PATH_DHCLIENT6_DB "${l}/dhclient6.leases"
- #define _PATH_DHCPD_PID "${r}/dhcpd.pid"
- #define _PATH_DHCPD6_PID "${r}/dhcpd6.pid"
- #define _PATH_DHCLIENT_PID "${r}/dhcpclient.pid"
- #define _PATH_DHCLIENT6_PID "${r}/dhcpclient6.pid"
- #define _PATH_DHCRELAY_PID "${r}/dhcrelay.pid"
- #define _PATH_DHCRELAY6_PID "${r}/dhcrelay6.pid"
- EOF
-
- econf \
- --enable-paranoia \
- --enable-early-chroot \
- --sysconfdir=${e} \
- $(use_enable ipv6 dhcpv6) \
- $(use_with ldap) \
- $(use ldap && use_with ssl ldapcrypto || echo
--without-ldapcrypto)
-
- # configure local bind cruft. symtable option requires
- # perl and we don't want to require that #383837.
- cd bind/bind-*/ || die
- eval econf \
- $(sed -n '/^bindconfig
=/,/^$/{:a;N;$!ba;s,^[^-]*,,;s,\\\s*\n\s*--,--,g;s, @[[:upper:]]\+@,,g;P;D}'
../Makefile.in) \
- --disable-symtable \
- --without-make-clean
-}
-
-src_compile() {
- # build local bind cruft first
- emake -C bind/bind-*/lib/export install
- # then build standard dhcp code
- emake AR="$(tc-getAR)"
-}
-
-src_install() {
- default
-
- dodoc README RELNOTES doc/{api+protocol,IANA-arp-parameters}
- dohtml doc/References.html
-
- if [[ -e client/dhclient ]] ; then
- # move the client to /
- dodir /sbin
- mv "${D}"/usr/sbin/dhclient "${D}"/sbin/ || die
-
- exeinto /sbin
- if use kernel_linux ; then
- newexe "${S}"/client/scripts/linux dhclient-script
- else
- newexe "${S}"/client/scripts/freebsd dhclient-script
- fi
- fi
-
- if [[ -e server/dhcpd ]] ; then
- if use ldap ; then
- insinto /etc/openldap/schema
- doins contrib/ldap/dhcp.*
- dosbin contrib/ldap/dhcpd-conf-to-ldap
- fi
-
- newinitd "${FILESDIR}"/dhcpd.init5 dhcpd
- newconfd "${FILESDIR}"/dhcpd.conf2 dhcpd
- newinitd "${FILESDIR}"/dhcrelay.init3 dhcrelay
- newconfd "${FILESDIR}"/dhcrelay.conf dhcrelay
- newinitd "${FILESDIR}"/dhcrelay.init3 dhcrelay6
- newconfd "${FILESDIR}"/dhcrelay6.conf dhcrelay6
-
- systemd_newtmpfilesd "${FILESDIR}"/dhcpd.tmpfiles dhcpd.conf
- systemd_dounit "${FILESDIR}"/dhcpd4.service
- systemd_dounit "${FILESDIR}"/dhcpd6.service
- systemd_dounit "${FILESDIR}"/dhcrelay4.service
- systemd_dounit "${FILESDIR}"/dhcrelay6.service
- systemd_install_serviced "${FILESDIR}"/dhcrelay4.service.conf
- systemd_install_serviced "${FILESDIR}"/dhcrelay6.service.conf
-
- sed -i "s:#@slapd@:$(usex ldap slapd ''):" "${ED}"/etc/init.d/*
|| die #442560
- fi
-
- # the default config files aren't terribly useful #384087
- local f
- for f in "${ED}"/etc/dhcp/*.conf.example ; do
- mv "${f}" "${f%.example}" || die
- done
- sed -i '/^[^#]/s:^:#:' "${ED}"/etc/dhcp/*.conf || die
-}
-
-pkg_preinst() {
- enewgroup dhcp
- enewuser dhcp -1 -1 /var/lib/dhcp dhcp
-
- # Keep the user files over the sample ones. The
- # hashing is to ignore the crappy defaults #384087.
- local f h
- for f in dhclient:da7c8496a96452190aecf9afceef4510
dhcpd:10979e7b71134bd7f04d2a60bd58f070 ; do
- h=${f#*:}
- f="/etc/dhcp/${f%:*}.conf"
- if [ -e "${EROOT}"${f} ] ; then
- case $(md5sum "${EROOT}"${f}) in
- ${h}*) ;;
- *) cp -p "${EROOT}"${f} "${ED}"${f};;
- esac
- fi
- done
-}
-
-pkg_postinst() {
- if [[ -e "${ROOT}"/etc/init.d/dhcp ]] ; then
- ewarn
- ewarn "WARNING: The dhcp init script has been renamed to dhcpd"
- ewarn "/etc/init.d/dhcp and /etc/conf.d/dhcp need to be removed
and"
- ewarn "and dhcp should be removed from the default runlevel"
- ewarn
- fi
-}
diff --git a/net-misc/dhcp/files/dhcp-4.0-dhclient-ntp.patch
b/net-misc/dhcp/files/dhcp-4.0-dhclient-ntp.patch
deleted file mode 100644
index d3f2971..00000000
--- a/net-misc/dhcp/files/dhcp-4.0-dhclient-ntp.patch
+++ /dev/null
@@ -1,216 +0,0 @@
-diff -uNr dhcp-4.0.0.ORIG/client/clparse.c dhcp-4.0.0/client/clparse.c
---- dhcp-4.0.0.ORIG/client/clparse.c 2008-09-01 11:38:51.000000000 +0100
-+++ dhcp-4.0.0/client/clparse.c 2008-09-01 11:48:17.000000000 +0100
-@@ -37,7 +37,7 @@
-
- struct client_config top_level_config;
-
--#define NUM_DEFAULT_REQUESTED_OPTS 9
-+#define NUM_DEFAULT_REQUESTED_OPTS 10
- struct option *default_requested_options[NUM_DEFAULT_REQUESTED_OPTS + 1];
-
- static void parse_client_default_duid(struct parse *cfile);
-@@ -98,15 +98,20 @@
- dhcp_universe.code_hash, &code, 0, MDL);
-
- /* 8 */
-- code = D6O_NAME_SERVERS;
-+ code = DHO_NTP_SERVERS;
- option_code_hash_lookup(&default_requested_options[7],
-- dhcpv6_universe.code_hash, &code, 0, MDL);
-+ dhcp_universe.code_hash, &code, 0, MDL);
-
- /* 9 */
-- code = D6O_DOMAIN_SEARCH;
-+ code = D6O_NAME_SERVERS;
- option_code_hash_lookup(&default_requested_options[8],
- dhcpv6_universe.code_hash, &code, 0, MDL);
-
-+ /* 10 */
-+ code = D6O_DOMAIN_SEARCH;
-+ option_code_hash_lookup(&default_requested_options[9],
-+ dhcpv6_universe.code_hash, &code, 0, MDL);
-+
- for (code = 0 ; code < NUM_DEFAULT_REQUESTED_OPTS ; code++) {
- if (default_requested_options[code] == NULL)
- log_fatal("Unable to find option definition for "
-diff -uNr dhcp-4.0.0.ORIG/client/scripts/bsdos dhcp-4.0.0/client/scripts/bsdos
---- dhcp-4.0.0.ORIG/client/scripts/bsdos 2008-09-01 11:38:51.000000000
+0100
-+++ dhcp-4.0.0/client/scripts/bsdos 2008-09-01 11:39:30.000000000 +0100
-@@ -29,6 +29,26 @@
-
- mv /etc/resolv.conf.dhclient6 /etc/resolv.conf
- fi
-+ # If we're making confs, may as well make an ntp.conf too
-+ make_ntp_conf
-+}
-+
-+make_ntp_conf() {
-+ if [ x$PEER_NTP = x ] || [ x$PEER_NTP = xyes ]; then
-+ if [ x$new_ntp_servers != x ]; then
-+ conf="# Generated by dhclient for interface $interface\n"
-+ conf="${conf}restrict default noquery notrust nomodify\n"
-+ conf="${conf}restrict 127.0.0.1\n"
-+ for ntpserver in $new_ntp_servers; do
-+ conf="${conf}restrict $ntpserver nomodify notrap noquery\n"
-+ conf="${conf}server $ntpserver\n"
-+ done
-+ conf="${conf}driftfile /var/lib/ntp/ntp.drift\n"
-+ conf="${conf}logfile /var/log/ntp.log\n"
-+ printf "${conf}" > /etc/ntp.conf
-+ chmod 644 /etc/ntp.conf
-+ fi
-+ fi
- }
-
- # Must be used on exit. Invokes the local dhcp client exit hooks, if any.
-diff -uNr dhcp-4.0.0.ORIG/client/scripts/freebsd
dhcp-4.0.0/client/scripts/freebsd
---- dhcp-4.0.0.ORIG/client/scripts/freebsd 2008-09-01 11:38:51.000000000
+0100
-+++ dhcp-4.0.0/client/scripts/freebsd 2008-09-01 11:39:30.000000000 +0100
-@@ -73,6 +73,26 @@
- fi
- fi
- fi
-+ # If we're making confs, may as well make an ntp.conf too
-+ make_ntp_conf
-+}
-+
-+make_ntp_conf() {
-+ if [ x$PEER_NTP = x ] || [ x$PEER_NTP = xyes ]; then
-+ if [ "x$new_ntp_servers" != x ]; then
-+ conf="# Generated by dhclient for interface $interface\n"
-+ conf="${conf}restrict default noquery notrust nomodify\n"
-+ conf="${conf}restrict 127.0.0.1\n"
-+ for ntpserver in $new_ntp_servers; do
-+ conf="${conf}restrict $ntpserver nomodify notrap noquery\n"
-+ conf="${conf}server $ntpserver\n"
-+ done
-+ conf="${conf}driftfile /var/lib/ntp/ntp.drift\n"
-+ conf="${conf}logfile /var/log/ntp.log\n"
-+ printf "${conf}" > /etc/ntp.conf
-+ chmod 644 /etc/ntp.conf
-+ fi
-+ fi
- }
-
- # Must be used on exit. Invokes the local dhcp client exit hooks, if any.
-diff -uNr dhcp-4.0.0.ORIG/client/scripts/linux dhcp-4.0.0/client/scripts/linux
---- dhcp-4.0.0.ORIG/client/scripts/linux 2008-09-01 11:38:51.000000000
+0100
-+++ dhcp-4.0.0/client/scripts/linux 2008-09-01 11:39:30.000000000 +0100
-@@ -55,6 +55,26 @@
-
- mv /etc/resolv.conf.dhclient6 /etc/resolv.conf
- fi
-+ # If we're making confs, may as well make an ntp.conf too
-+ make_ntp_conf
-+}
-+
-+make_ntp_conf() {
-+ if [ x$PEER_NTP = x ] || [ x$PEER_NTP = xyes ]; then
-+ if [ "x$new_ntp_servers" != x ]; then
-+ conf="# Generated by dhclient for interface $interface\n"
-+ conf="${conf}restrict default noquery notrust nomodify\n"
-+ conf="${conf}restrict 127.0.0.1\n"
-+ for ntpserver in $new_ntp_servers; do
-+ conf="${conf}restrict $ntpserver nomodify notrap noquery\n"
-+ conf="${conf}server $ntpserver\n"
-+ done
-+ conf="${conf}driftfile /var/lib/ntp/ntp.drift\n"
-+ conf="${conf}logfile /var/log/ntp.log\n"
-+ printf "${conf}" > /etc/ntp.conf
-+ chmod 644 /etc/ntp.conf
-+ fi
-+ fi
- }
-
- # Must be used on exit. Invokes the local dhcp client exit hooks, if any.
-diff -uNr dhcp-4.0.0.ORIG/client/scripts/netbsd
dhcp-4.0.0/client/scripts/netbsd
---- dhcp-4.0.0.ORIG/client/scripts/netbsd 2008-09-01 11:38:51.000000000
+0100
-+++ dhcp-4.0.0/client/scripts/netbsd 2008-09-01 11:39:30.000000000 +0100
-@@ -29,6 +29,26 @@
-
- mv /etc/resolv.conf.dhclient6 /etc/resolv.conf
- fi
-+ # If we're making confs, may as well make an ntp.conf too
-+ make_ntp_conf
-+}
-+
-+make_ntp_conf() {
-+ if [ x$PEER_NTP = x ] || [ x$PEER_NTP = xyes ]; then
-+ if [ "x$new_ntp_servers" != x ]; then
-+ conf="# Generated by dhclient for interface $interface\n"
-+ conf="${conf}restrict default noquery notrust nomodify\n"
-+ conf="${conf}restrict 127.0.0.1\n"
-+ for ntpserver in $new_ntp_servers; do
-+ conf="${conf}restrict $ntpserver nomodify notrap noquery\n"
-+ conf="${conf}server $ntpserver\n"
-+ done
-+ conf="${conf}driftfile /var/lib/ntp/ntp.drift\n"
-+ conf="${conf}logfile /var/log/ntp.log\n"
-+ printf "${conf}" > /etc/ntp.conf
-+ chmod 644 /etc/ntp.conf
-+ fi
-+ fi
- }
-
- # Must be used on exit. Invokes the local dhcp client exit hooks, if any.
-diff -uNr dhcp-4.0.0.ORIG/client/scripts/openbsd
dhcp-4.0.0/client/scripts/openbsd
---- dhcp-4.0.0.ORIG/client/scripts/openbsd 2008-09-01 11:38:51.000000000
+0100
-+++ dhcp-4.0.0/client/scripts/openbsd 2008-09-01 11:39:30.000000000 +0100
-@@ -29,6 +29,26 @@
-
- mv /etc/resolv.conf.dhclient6 /etc/resolv.conf
- fi
-+ # If we're making confs, may as well make an ntp.conf too
-+ make_ntp_conf
-+}
-+
-+make_ntp_conf() {
-+ if [ x$PEER_NTP = x ] || [ x$PEER_NTP = xyes ]; then
-+ if [ "x$new_ntp_servers" != x ]; then
-+ conf="# Generated by dhclient for interface $interface\n"
-+ conf="${conf}restrict default noquery notrust nomodify\n"
-+ conf="${conf}restrict 127.0.0.1\n"
-+ for ntpserver in $new_ntp_servers; do
-+ conf="${conf}restrict $ntpserver nomodify notrap noquery\n"
-+ conf="${conf}server $ntpserver\n"
-+ done
-+ conf="${conf}driftfile /var/lib/ntp/ntp.drift\n"
-+ conf="${conf}logfile /var/log/ntp.log\n"
-+ printf "${conf}" > /etc/ntp.conf
-+ chmod 644 /etc/ntp.conf
-+ fi
-+ fi
- }
-
- # Must be used on exit. Invokes the local dhcp client exit hooks, if any.
-diff -uNr dhcp-4.0.0.ORIG/client/scripts/solaris
dhcp-4.0.0/client/scripts/solaris
---- dhcp-4.0.0.ORIG/client/scripts/solaris 2008-09-01 11:38:51.000000000
+0100
-+++ dhcp-4.0.0/client/scripts/solaris 2008-09-01 11:39:30.000000000 +0100
-@@ -17,6 +17,26 @@
-
- mv /etc/resolv.conf.dhclient /etc/resolv.conf
- fi
-+ # If we're making confs, may as well make an ntp.conf too
-+ make_ntp_conf
-+}
-+
-+make_ntp_conf() {
-+ if [ x$PEER_NTP = x ] || [ x$PEER_NTP = xyes ]; then
-+ if [ "x$new_ntp_servers" != x ]; then
-+ conf="# Generated by dhclient for interface $interface\n"
-+ conf="${conf}restrict default noquery notrust nomodify\n"
-+ conf="${conf}restrict 127.0.0.1\n"
-+ for ntpserver in $new_ntp_servers; do
-+ conf="${conf}restrict $ntpserver nomodify notrap noquery\n"
-+ conf="${conf}server $ntpserver\n"
-+ done
-+ conf="${conf}driftfile /var/lib/ntp/ntp.drift\n"
-+ conf="${conf}logfile /var/log/ntp.log\n"
-+ printf "${conf}" > /etc/ntp.conf
-+ chmod 644 /etc/ntp.conf
-+ fi
-+ fi
- }
-
- # Must be used on exit. Invokes the local dhcp client exit hooks, if any.
diff --git a/net-misc/dhcp/files/dhcp-4.2.0-errwarn-message.patch
b/net-misc/dhcp/files/dhcp-4.2.0-errwarn-message.patch
deleted file mode 100644
index f882a13..00000000
--- a/net-misc/dhcp/files/dhcp-4.2.0-errwarn-message.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-ripped from Fedora & tweaked
-
---- dhcp-4.2.0/omapip/errwarn.c
-+++ dhcp-4.2.0/omapip/errwarn.c
-@@ -76,20 +76,13 @@
-
- #if !defined (NOMINUM)
- log_error ("%s", "");
-- log_error ("If you did not get this software from ftp.isc.org, please");
-- log_error ("get the latest from ftp.isc.org and install that before");
-- log_error ("requesting help.");
-+ log_error ("This version of ISC DHCP is based on the release available");
-+ log_error ("on ftp.isc.org. Features have been added and other changes");
-+ log_error ("have been made to the base software release in order to make");
-+ log_error ("it work better with this distribution.");
- log_error ("%s", "");
-- log_error ("If you did get this software from ftp.isc.org and have not");
-- log_error ("yet read the README, please read it before requesting help.");
-- log_error ("If you intend to request help from the [email protected]");
-- log_error ("mailing list, please read the section on the README about");
-- log_error ("submitting bug reports and requests for help.");
-- log_error ("%s", "");
-- log_error ("Please do not under any circumstances send requests for");
-- log_error ("help directly to the authors of this software - please");
-- log_error ("send them to the appropriate mailing list as described in");
-- log_error ("the README file.");
-+ log_error ("Please report for this software via the Gentoo Bugzilla site:");
-+ log_error (" http://bugs.gentoo.org/";);
- log_error ("%s", "");
- log_error ("exiting.");
- #endif
diff --git a/net-misc/dhcp/files/dhcp-4.2.2-dhclient-resolvconf.patch
b/net-misc/dhcp/files/dhcp-4.2.2-dhclient-resolvconf.patch
deleted file mode 100644
index 28080a8..00000000
--- a/net-misc/dhcp/files/dhcp-4.2.2-dhclient-resolvconf.patch
+++ /dev/null
@@ -1,409 +0,0 @@
---- a/client/scripts/bsdos
-+++ b/client/scripts/bsdos
-@@ -1,40 +1,46 @@
- #!/bin/sh
-
- make_resolv_conf() {
-+ if [ x"$PEER_DNS" != x ] && [ x"$PEER_DNS" != xyes ]; then
-+ return 0
-+ fi
-+ local conf=
- if [ x"$new_domain_name_servers" != x ]; then
-- cat /dev/null > /etc/resolv.conf.dhclient
- if [ "x$new_domain_search" != x ]; then
-- echo search $new_domain_search >> /etc/resolv.conf.dhclient
-+ conf="${conf}search ${new_domain_search}\n"
- elif [ "x$new_domain_name" != x ]; then
- # Note that the DHCP 'Domain Name Option' is really just a domain
- # name, and that this practice of using the domain name option as
- # a search path is both nonstandard and deprecated.
-- echo search $new_domain_name >> /etc/resolv.conf.dhclient
-+ conf="${conf}search ${new_domain_name}\n"
- fi
- for nameserver in $new_domain_name_servers; do
-- echo nameserver $nameserver >> /etc/resolv.conf.dhclient
-+ conf="${conf}nameserver ${nameserver}\n"
- done
--
-- mv /etc/resolv.conf.dhclient /etc/resolv.conf
- elif [ "x${new_dhcp6_name_servers}" != x ] ; then
-- cat /dev/null > /etc/resolv.conf.dhclient6
-- chmod 644 /etc/resolv.conf.dhclient6
--
- if [ "x${new_dhcp6_domain_search}" != x ] ; then
-- echo search ${new_dhcp6_domain_search} >> /etc/resolv.conf.dhclient6
-+ conf="${conf}search ${new_dhcp6_domain_search}\n"
- fi
- for nameserver in ${new_dhcp6_name_servers} ; do
- # If the nameserver has a link-local address
- # add a <zone_id> (interface name) to it.
- case $nameserver in
- fe80:*) zone_id="%$interface";;
- FE80:*) zone_id="%$interface";;
- *) zone_id='';;
- esac
-- echo nameserver ${nameserver}$zone_id >> /etc/resolv.conf.dhclient6
-+ conf="${conf}nameserver ${nameserver}$zone_id\n"
- done
-+ fi
-
-- mv /etc/resolv.conf.dhclient6 /etc/resolv.conf
-+ if [ x"$conf" != x ]; then
-+ conf="# Generated by dhclient or interface $interface\n${conf}"
-+ if type resolvconf >/dev/null 2>&1; then
-+ printf "${conf}" | resolvconf -a $interface
-+ else
-+ printf "${conf}" > /etc/resolv.conf
-+ chmod 644 /etc/resolv.conf
-+ fi
- fi
- }
-
---- a/client/scripts/freebsd
-+++ b/client/scripts/freebsd
-@@ -11,73 +11,45 @@
- fi
-
- make_resolv_conf() {
-+ if [ x"$PEER_DNS" != x ] && [ x"$PEER_DNS" != xyes ]; then
-+ return 0
-+ fi
-+ local conf=
- if [ x"$new_domain_name_servers" != x ]; then
-- ( cat /dev/null > /etc/resolv.conf.dhclient )
-- exit_status=$?
-- if [ $exit_status -ne 0 ]; then
-- $LOGGER "Unable to create /etc/resolv.conf.dhclient: Error $exit_status"
-- else
-- if [ "x$new_domain_search" != x ]; then
-- ( echo search $new_domain_search >> /etc/resolv.conf.dhclient )
-- exit_status=$?
-- elif [ "x$new_domain_name" != x ]; then
-- # Note that the DHCP 'Domain Name Option' is really just a domain
-- # name, and that this practice of using the domain name option as
-- # a search path is both nonstandard and deprecated.
-- ( echo search $new_domain_name >> /etc/resolv.conf.dhclient )
-- exit_status=$?
-- fi
-- for nameserver in $new_domain_name_servers; do
-- if [ $exit_status -ne 0 ]; then
-- break
-- fi
-- ( echo nameserver $nameserver >>/etc/resolv.conf.dhclient )
-- exit_status=$?
-- done
--
-- # If there were no errors, attempt to mv the new file into place.
-- if [ $exit_status -eq 0 ]; then
-- ( mv /etc/resolv.conf.dhclient /etc/resolv.conf )
-- exit_status=$?
-- fi
--
-- if [ $exit_status -ne 0 ]; then
-- $LOGGER "Error while writing new /etc/resolv.conf."
-- fi
-+ if [ "x$new_domain_search" != x ]; then
-+ conf="${conf}search ${new_domain_search}\n"
-+ elif [ "x$new_domain_name" != x ]; then
-+ # Note that the DHCP 'Domain Name Option' is really just a domain
-+ # name, and that this practice of using the domain name option as
-+ # a search path is both nonstandard and deprecated.
-+ conf="${conf}search ${new_domain_name}\n"
- fi
-+ for nameserver in $new_domain_name_servers; do
-+ conf="${conf}nameserver ${nameserver}\n"
-+ done
- elif [ "x${new_dhcp6_name_servers}" != x ] ; then
-- ( cat /dev/null > /etc/resolv.conf.dhclient6 )
-- exit_status=$?
-- if [ $exit_status -ne 0 ] ; then
-- $LOGGER "Unable to create /etc/resolv.conf.dhclient6: Error
$exit_status"
-- else
-- if [ "x${new_dhcp6_domain_search}" != x ] ; then
-- ( echo search ${new_dhcp6_domain_search} >> /etc/resolv.conf.dhclient6 )
-- exit_status=$?
-- fi
-- for nameserver in ${new_dhcp6_name_servers} ; do
-- if [ $exit_status -ne 0 ] ; then
-- break
-- fi
- # If the nameserver has a link-local address
- # add a <zone_id> (interface name) to it.
- case $nameserver in
- fe80:*) zone_id="%$interface";;
- FE80:*) zone_id="%$interface";;
- *) zone_id='';;
- esac
-- ( echo nameserver ${nameserver}$zone_id >> /etc/resolv.conf.dhclient6 )
-- exit_status=$?
-- done
--
-- if [ $exit_status -eq 0 ] ; then
-- ( mv /etc/resolv.conf.dhclient6 /etc/resolv.conf )
-- exit_status=$?
-- fi
-+ if [ "x${new_dhcp6_domain_search}" != x ] ; then
-+ conf="${conf}search ${new_dhcp6_domain_search}\n"
-+ fi
-+ for nameserver in ${new_dhcp6_name_servers} ; do
-+ conf="${conf}nameserver ${nameserver}$zone_id\n"
-+ done
-+ fi
-
-- if [ $exit_status -ne 0 ] ; then
-- $LOGGER "Error while writing new /etc/resolv.conf."
-- fi
-+ if [ x"$conf" != x ]; then
-+ conf="# Generated by dhclient or interface $interface\n${conf}"
-+ if type resolvconf >/dev/null 2>&1; then
-+ printf "${conf}" | resolvconf -a $interface
-+ else
-+ printf "${conf}" > /etc/resolv.conf
-+ chmod 644 /etc/resolv.conf
- fi
- fi
- }
---- a/client/scripts/linux
-+++ b/client/scripts/linux
-@@ -26,44 +26,49 @@
- ip=/sbin/ip
-
- make_resolv_conf() {
-+ if [ x"$PEER_DNS" != x ] && [ x"$PEER_DNS" != xyes ]; then
-+ return 0
-+ fi
-+ local conf=
- if [ x"$new_domain_name_servers" != x ]; then
-- cat /dev/null > /etc/resolv.conf.dhclient
-- chmod 644 /etc/resolv.conf.dhclient
-- if [ x"$new_domain_search" != x ]; then
-- echo search $new_domain_search >> /etc/resolv.conf.dhclient
-- elif [ x"$new_domain_name" != x ]; then
-+ if [ "x$new_domain_search" != x ]; then
-+ conf="${conf}search ${new_domain_search}\n"
-+ elif [ "x$new_domain_name" != x ]; then
- # Note that the DHCP 'Domain Name Option' is really just a domain
- # name, and that this practice of using the domain name option as
- # a search path is both nonstandard and deprecated.
-- echo search $new_domain_name >> /etc/resolv.conf.dhclient
-+ conf="${conf}search ${new_domain_name}\n"
- fi
- for nameserver in $new_domain_name_servers; do
-- echo nameserver $nameserver >>/etc/resolv.conf.dhclient
-+ conf="${conf}nameserver ${nameserver}\n"
- done
--
-- mv /etc/resolv.conf.dhclient /etc/resolv.conf
- elif [ "x${new_dhcp6_name_servers}" != x ] ; then
-- cat /dev/null > /etc/resolv.conf.dhclient6
-- chmod 644 /etc/resolv.conf.dhclient6
--
- if [ "x${new_dhcp6_domain_search}" != x ] ; then
-- echo search ${new_dhcp6_domain_search} >> /etc/resolv.conf.dhclient6
-+ conf="${conf}search ${new_dhcp6_domain_search}\n"
- fi
- shopt -s nocasematch
- for nameserver in ${new_dhcp6_name_servers} ; do
- # If the nameserver has a link-local address
- # add a <zone_id> (interface name) to it.
- if [[ "$nameserver" =~ ^fe80:: ]]
- then
- zone_id="%$interface"
- else
- zone_id=
- fi
-- echo nameserver ${nameserver}$zone_id >> /etc/resolv.conf.dhclient6
-+ conf="${conf}nameserver ${nameserver}$zone_id\n"
- done
- shopt -u nocasematch
-+ fi
-
-- mv /etc/resolv.conf.dhclient6 /etc/resolv.conf
-+ if [ x"$conf" != x ]; then
-+ conf="# Generated by dhclient or interface $interface\n${conf}"
-+ if type resolvconf >/dev/null 2>&1; then
-+ printf "${conf}" | resolvconf -a $interface
-+ else
-+ printf "${conf}" > /etc/resolv.conf
-+ chmod 644 /etc/resolv.conf
-+ fi
- fi
- }
-
---- a/client/scripts/netbsd
-+++ b/client/scripts/netbsd
-@@ -1,40 +1,46 @@
- #!/bin/sh
-
- make_resolv_conf() {
-- if [ "x$new_domain_name" != x ] && [ x"$new_domain_name_servers" != x ];
then
-- cat /dev/null > /etc/resolv.conf.dhclient
-- if [ "x$new_domain_search" != x ]; then
-- echo search $new_domain_search >> /etc/resolv.conf.dhclient
-- elif [ "x$new_domain_name" != x ]; then
-+ if [ x"$PEER_DNS" != x ] && [ x"$PEER_DNS" != xyes ]; then
-+ return 0
-+ fi
-+ local conf=
-+ if [ x"$new_domain_name_servers" != x ]; then
-+ if [ "x$new_domain_search" != x ]; then
-+ conf="${conf}search ${new_domain_search}\n"
-+ elif [ "x$new_domain_name" != x ]; then
- # Note that the DHCP 'Domain Name Option' is really just a domain
- # name, and that this practice of using the domain name option as
- # a search path is both nonstandard and deprecated.
-- echo search $new_domain_name >> /etc/resolv.conf.dhclient
-+ conf="${conf}search ${new_domain_name}\n"
- fi
- for nameserver in $new_domain_name_servers; do
-- echo nameserver $nameserver >>/etc/resolv.conf.dhclient
-+ conf="${conf}nameserver ${nameserver}\n"
- done
--
-- mv /etc/resolv.conf.dhclient /etc/resolv.conf
- elif [ "x${new_dhcp6_name_servers}" != x ] ; then
-- cat /dev/null > /etc/resolv.conf.dhclient6
-- chmod 644 /etc/resolv.conf.dhclient6
--
- if [ "x${new_dhcp6_domain_search}" != x ] ; then
-- echo search ${new_dhcp6_domain_search} >> /etc/resolv.conf.dhclient6
-+ conf="${conf}search ${new_dhcp6_domain_search}\n"
- fi
- for nameserver in ${new_dhcp6_name_servers} ; do
- # If the nameserver has a link-local address
- # add a <zone_id> (interface name) to it.
- case $nameserver in
- fe80:*) zone_id="%$interface";;
- FE80:*) zone_id="%$interface";;
- *) zone_id='';;
- esac
-- echo nameserver ${nameserver}$zone_id >> /etc/resolv.conf.dhclient6
-+ conf="${conf}nameserver ${nameserver}$zone_id\n"
- done
-+ fi
-
-- mv /etc/resolv.conf.dhclient6 /etc/resolv.conf
-+ if [ x"$conf" != x ]; then
-+ conf="# Generated by dhclient or interface $interface\n${conf}"
-+ if type resolvconf >/dev/null 2>&1; then
-+ printf "${conf}" | resolvconf -a $interface
-+ else
-+ printf "${conf}" > /etc/resolv.conf
-+ chmod 644 /etc/resolv.conf
-+ fi
- fi
- }
-
---- a/client/scripts/openbsd
-+++ b/client/scripts/openbsd
-@@ -1,40 +1,46 @@
- #!/bin/sh
-
- make_resolv_conf() {
-- if [ x"$new_domain_name_servers" != x ]; then
-- cat /dev/null > /etc/resolv.conf.dhclient
-- if [ x"$new_domain_search" != x ]; then
-- echo search $new_domain_search >> /etc/resolv.conf.dhclient
-- elif [ x"$new_domain_name" != x ]; then
-+ if [ x"$PEER_DNS" != x ] && [ x"$PEER_DNS" != xyes ]; then
-+ return 0
-+ fi
-+ local conf=
-+ if [ x"$new_domain_name_servers" != x ]; then
-+ if [ "x$new_domain_search" != x ]; then
-+ conf="${conf}search ${new_domain_search}\n"
-+ elif [ "x$new_domain_name" != x ]; then
- # Note that the DHCP 'Domain Name Option' is really just a domain
- # name, and that this practice of using the domain name option as
- # a search path is both nonstandard and deprecated.
-- echo search $new_domain_name >> /etc/resolv.conf.dhclient
-+ conf="${conf}search ${new_domain_name}\n"
- fi
- for nameserver in $new_domain_name_servers; do
-- echo nameserver $nameserver >>/etc/resolv.conf.dhclient
-+ conf="${conf}nameserver ${nameserver}\n"
- done
--
-- mv /etc/resolv.conf.dhclient /etc/resolv.conf
- elif [ "x${new_dhcp6_name_servers}" != x ] ; then
-- cat /dev/null > /etc/resolv.conf.dhclient6
-- chmod 644 /etc/resolv.conf.dhclient6
--
- if [ "x${new_dhcp6_domain_search}" != x ] ; then
-- echo search ${new_dhcp6_domain_search} >> /etc/resolv.conf.dhclient6
-+ conf="${conf}search ${new_dhcp6_domain_search}\n"
- fi
- for nameserver in ${new_dhcp6_name_servers} ; do
- # If the nameserver has a link-local address
- # add a <zone_id> (interface name) to it.
- case $nameserver in
- fe80:*) zone_id="%$interface";;
- FE80:*) zone_id="%$interface";;
- *) zone_id='';;
- esac
-- echo nameserver ${nameserver}$zone_id >> /etc/resolv.conf.dhclient6
-+ conf="${conf}nameserver ${nameserver}$zone_id\n"
- done
-+ fi
-
-- mv /etc/resolv.conf.dhclient6 /etc/resolv.conf
-+ if [ x"$conf" != x ]; then
-+ conf="# Generated by dhclient or interface $interface\n${conf}"
-+ if type resolvconf >/dev/null 2>&1; then
-+ printf "${conf}" | resolvconf -a $interface
-+ else
-+ printf "${conf}" > /etc/resolv.conf
-+ chmod 644 /etc/resolv.conf
-+ fi
- fi
- }
-
---- a/client/scripts/solaris
-+++ b/client/scripts/solaris
-@@ -1,21 +1,39 @@
- #!/bin/sh
-
- make_resolv_conf() {
-+ if [ x"$PEER_DNS" != x ] && [ x"$PEER_DNS" != xyes ]; then
-+ return 0
-+ fi
-+ local conf=
- if [ x"$new_domain_name_servers" != x ]; then
-- cat /dev/null > /etc/resolv.conf.dhclient
-- if [ x"$new_domain_search" != x ]; then
-- echo search $new_domain_search >> /etc/resolv.conf.dhclient
-- elif [ x"$new_domain_name" != x ]; then
-+ if [ "x$new_domain_search" != x ]; then
-+ conf="${conf}search ${new_domain_search}\n"
-+ elif [ "x$new_domain_name" != x ]; then
- # Note that the DHCP 'Domain Name Option' is really just a domain
- # name, and that this practice of using the domain name option as
- # a search path is both nonstandard and deprecated.
-- echo search $new_domain_name >> /etc/resolv.conf.dhclient
-+ conf="${conf}search ${new_domain_name}\n"
- fi
- for nameserver in $new_domain_name_servers; do
-- echo nameserver $nameserver >>/etc/resolv.conf.dhclient
-+ conf="${conf}nameserver ${nameserver}\n"
-+ done
-+ elif [ "x${new_dhcp6_name_servers}" != x ] ; then
-+ if [ "x${new_dhcp6_domain_search}" != x ] ; then
-+ conf="${conf}search ${new_dhcp6_domain_search}\n"
-+ fi
-+ for nameserver in ${new_dhcp6_name_servers} ; do
-+ conf="${conf}nameserver ${nameserver}\n"
- done
-+ fi
-
-- mv /etc/resolv.conf.dhclient /etc/resolv.conf
-+ if [ x"$conf" != x ]; then
-+ conf="# Generated by dhclient or interface $interface\n${conf}"
-+ if type resolvconf >/dev/null 2>&1; then
-+ printf "${conf}" | resolvconf -a $interface
-+ else
-+ printf "${conf}" > /etc/resolv.conf
-+ chmod 644 /etc/resolv.conf
-+ fi
- fi
- }
-
diff --git a/net-misc/dhcp/files/dhcp-4.3.3-bind-disable.patch
b/net-misc/dhcp/files/dhcp-4.3.3-bind-disable.patch
deleted file mode 100644
index 1064bbf..00000000
--- a/net-misc/dhcp/files/dhcp-4.3.3-bind-disable.patch
+++ /dev/null
@@ -1,30 +0,0 @@
---- dhcp-4.3.3/bind/Makefile.in
-+++ dhcp-4.3.3/bind/Makefile.in
-@@ -40,6 +40,7 @@
- @BIND_ATF_TRUE@all: bind1 atf bind2
-
- bind1:
-+disable:
- # Extract the source from the tarball, if it hasn't been already.
- @if test -d ${bindsrcdir} ; then \
- echo ${bindsrcdir} already unpacked... ; \
-@@ -68,6 +69,7 @@
- fi
-
- atf:
-+disable:
- # Build and copy the ATF support if not yet installed.
- @if test -d ./atf ; then \
- echo ATF support already installed ; \
-@@ -79,6 +81,7 @@
- fi
-
- bind2:
-+disable:
- # Build and install the export libraries
- # No need to do anything if we already have something installed.
- @if test -d ${binddir}/lib ; then \
---- dhcp-4.3.3/bind/test
-+++ dhcp-4.3.3/bind/test
-@@ -0,0 +1 @@
-+--disable-kqueue --disable-epoll --disable-devpoll --without-openssl
--without-libxml2 --enable-exportlib --with-gssapi=no --enable-threads=no
@BINDCONFIG@ --with-export-includedir=${binddir}/include
--with-export-libdir=${binddir}/lib
