summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'net-ftp/tlswrap/files')
-rw-r--r--net-ftp/tlswrap/files/fix-Wformat-security-warnings.patch67
-rw-r--r--net-ftp/tlswrap/files/modernize-am_init_automake.patch30
-rw-r--r--net-ftp/tlswrap/files/respect-cflags.patch66
3 files changed, 163 insertions, 0 deletions
diff --git a/net-ftp/tlswrap/files/fix-Wformat-security-warnings.patch b/net-ftp/tlswrap/files/fix-Wformat-security-warnings.patch
new file mode 100644
index 000000000000..e90ffffc4335
--- /dev/null
+++ b/net-ftp/tlswrap/files/fix-Wformat-security-warnings.patch
@@ -0,0 +1,67 @@
+From dbbc4b17b5fdd08b11b0f285cfc99a28be8a89e5 Mon Sep 17 00:00:00 2001
+From: Michael Orlitzky <michael@orlitzky.com>
+Date: Thu, 11 Aug 2016 13:05:43 -0400
+Subject: [PATCH 3/3] Fix -Wformat-security warnings by adding trivial format
+ strings.
+
+Newer versions of GCC have the option to output warnings for insecure
+(e.g. missing) format string usage. A few places were making calls to
+the printf family of functions, and passing in a string variable
+without a format string. In all cases, the desired format string was
+simply "%s", intended to print the sole argument, and that "%s" has
+been added.
+
+This eliminates the warnings, and allows the build to complete when
+-Werror=format-security is used.
+---
+ misc.c | 4 ++--
+ parse.c | 4 ++--
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/misc.c b/misc.c
+index ebaabb2..d9bb150 100644
+--- a/misc.c
++++ b/misc.c
+@@ -164,7 +164,7 @@ int print_to_ud(struct user_data *ud, const char *s) {
+ size_t slen;
+ char str[1024];
+
+- snprintf(str, sizeof(str), s);
++ snprintf(str, sizeof(str), "%s", s);
+
+ slen = strlen(str); /* NOT including null char */
+
+@@ -184,7 +184,7 @@ int print_to_serv(struct user_data *ud, const char *s) {
+ size_t slen;
+ char str[130];
+
+- snprintf(str, sizeof(str), s);
++ snprintf(str, sizeof(str), "%s", s);
+ slen = strlen(str); /* NOT including null char */
+ if ( (&ud->u2s_buf[U2S_SIZE]-ud->u2s_i)<slen) {
+ printf("print_to_ud: can't fit string to buffer\n");
+diff --git a/parse.c b/parse.c
+index 1174202..ac4529f 100644
+--- a/parse.c
++++ b/parse.c
+@@ -345,7 +345,7 @@ parse_serv_buf(struct user_data *ud, int index, char *ucertspath, char *cafile)
+ ud->serv_status = SERV_PBSZ;
+ snprintf(s, sizeof(s), "PROT %c\r\n", ud->prot);
+ if (debug)
+- printf(s);
++ printf("%s", s);
+ print_to_serv(ud,s);
+ } else if ((ud->serv_status == SERV_PBSZ) && (strncasecmp(dst,"200 ",4) == 0) ) {
+ ud->serv_status = SERV_PROT;
+@@ -365,7 +365,7 @@ parse_serv_buf(struct user_data *ud, int index, char *ucertspath, char *cafile)
+ } else if (ud->delay_prot && (ud->serv_status == SERV_PROT) && (strncasecmp(dst,"230 ",4) == 0) ) {
+ snprintf(s, sizeof(s), "PROT %c\r\n", ud->prot);
+ if (debug)
+- printf(s);
++ printf("%s", s);
+ print_to_serv(ud,s);
+ } else if (ud->delay_prot && (ud->serv_status == SERV_PROT) && (strncasecmp(dst,"200 ",4) == 0) ) {
+ write(ud->user_fd, "230 Bypassed login text because the ftpd can't handle PROT before USER.\r\n", 73);
+--
+2.7.3
+
diff --git a/net-ftp/tlswrap/files/modernize-am_init_automake.patch b/net-ftp/tlswrap/files/modernize-am_init_automake.patch
new file mode 100644
index 000000000000..6171e45801ab
--- /dev/null
+++ b/net-ftp/tlswrap/files/modernize-am_init_automake.patch
@@ -0,0 +1,30 @@
+From 4d6541b108ab59e30e7413a5bc62f29bbc1fd2ab Mon Sep 17 00:00:00 2001
+From: Michael Orlitzky <michael@orlitzky.com>
+Date: Thu, 11 Aug 2016 13:00:53 -0400
+Subject: [PATCH 2/3] Modernize the AM_INIT_AUTOMAKE invocation.
+
+The existing call to AM_INIT_AUTOMAKE, which passed both the project
+name and its version, had been deprecated. These days, you're supposed
+to pass those things to AC_INIT, and then call AM_INIT_AUTOMAKE with
+no arguments. This commit does that, and fixes the version number in
+the process.
+---
+ configure.ac | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 575a5ab..fe26bad 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -1,6 +1,6 @@
+ dnl Process this file with autoconf to produce a configure script.
+-AC_INIT(tlswrap.c)
+-AM_INIT_AUTOMAKE(tlswrap, 0.8)
++AC_INIT(tlswrap.c, 1.04)
++AM_INIT_AUTOMAKE
+
+ dnl
+ dnl Get cannonical host
+--
+2.7.3
+
diff --git a/net-ftp/tlswrap/files/respect-cflags.patch b/net-ftp/tlswrap/files/respect-cflags.patch
new file mode 100644
index 000000000000..38da48b167e4
--- /dev/null
+++ b/net-ftp/tlswrap/files/respect-cflags.patch
@@ -0,0 +1,66 @@
+From 1a38cd3f931d728fc7a2bcfdf1fa19510a19acde Mon Sep 17 00:00:00 2001
+From: Michael Orlitzky <michael@orlitzky.com>
+Date: Thu, 11 Aug 2016 12:53:53 -0400
+Subject: [PATCH 1/3] Rename configure.in to configure.ac and respect the
+ user's CFLAGS.
+
+The name configure.in has been deprecated for a long time, so the
+first order of business was to rename it to configure.ac.
+
+To respect the user's CFLAGS, the most important change was to remove
+the line CFLAGS="-g" which wiped out any pre-existing CFLAGS and
+replaced them all with just "-g". There was also a test for GCC that
+would append a few flags like "-O2" and "-Wall" to the user's CFLAGS
+if the configure script detected GCC. That test was modified to only
+trigger when the user's CFLAGS were unset, and in that case, the (now
+removed) "-g" flag was added back.
+
+The end result of the CFLAGS changes is that a default set of CFLAGS
+will be used for GCC, but only if the user does not have any CFLAGS
+previously set. The default behavior should be completely unchanged
+when CFLAGS="".
+
+Gentoo-Bug: 240898
+---
+ configure.in => configure.ac | 17 ++++-------------
+ 1 file changed, 4 insertions(+), 13 deletions(-)
+ rename configure.in => configure.ac (84%)
+
+diff --git a/configure.in b/configure.ac
+similarity index 84%
+rename from configure.in
+rename to configure.ac
+index dd0ee15..575a5ab 100644
+--- a/configure.in
++++ b/configure.ac
+@@ -6,23 +6,14 @@ dnl
+ dnl Get cannonical host
+ dnl
+
+-CFLAGS="-g"
+-
+ dnl Checks for programs.
+ AC_PROG_CC
+-if test "$GCC" = "yes" && test "$CC" != "icc"; then CFLAGS="$CFLAGS -O2 -Wall -Wmissing-prototypes"; fi
+-# if test -n "$GCC"; then
+-# CFLAGS="$CFLAGS -O2 -Wall -Wmissing-prototypes"
+-# else
+- #case "$host_os" in
+-# *hpux*) CFLAGS="$CFLAGS +O3" ;;
+-# *ultrix* | *osf*) CFLAGS="$CFLAGS -O -Olimit 2000" ;;
+-# *) CFLAGS="$CFLAGS -O" ;;
+-# esac
+-# fi
++if test "$GCC" = "yes" && test "$CC" != "icc" && test -z "$CFLAGS" ; then
++ CFLAGS="-g -O2 -Wall -Wmissing-prototypes";
++fi
+
+ AC_CYGWIN
+-if test "$CYGWIN" = "yes"; then CFLAGS="$CFLAGS -Dsys_errlist=_imp___sys_errlist"; fi
++if test "$CYGWIN" = "yes"; then CFLAGS="$CFLAGS -g -Dsys_errlist=_imp___sys_errlist"; fi
+ checkssldir() { :
+ if test -f "$1/include/openssl/ssl.h"; then
+ # AC_DEFINE(HAVE_OPENSSL)
+--
+2.7.3
+