diff options
| author | Leonardo Arena <rnalrd@gmail.com> | 2010-02-22 12:18:36 +0000 |
|---|---|---|
| committer | Leonardo Arena <rnalrd@gmail.com> | 2010-02-22 12:18:36 +0000 |
| commit | 3d5683dc57fd84fb689a4b788818022b514713e4 (patch) | |
| tree | 7988e122bea72013d7c2d149130ac3cf10526b13 | |
| parent | e558ed22f63a6cc58506924726f2dd557898c63a (diff) | |
| download | aports-3d5683dc57fd84fb689a4b788818022b514713e4.tar.bz2 aports-3d5683dc57fd84fb689a4b788818022b514713e4.tar.xz | |
testing/open-iscsi-grsec: new aport
| -rw-r--r-- | testing/open-iscsi-grsec/APKBUILD | 55 | ||||
| -rw-r--r-- | testing/open-iscsi-grsec/CVE-2009-1297.patch | 31 | ||||
| -rw-r--r-- | testing/open-iscsi-grsec/Makefile.kernel.patch | 11 | ||||
| -rw-r--r-- | testing/open-iscsi-grsec/open-iscsi-2.0.871-makefile-cleanup.patch | 33 |
4 files changed, 130 insertions, 0 deletions
diff --git a/testing/open-iscsi-grsec/APKBUILD b/testing/open-iscsi-grsec/APKBUILD new file mode 100644 index 000000000..09b3091d0 --- /dev/null +++ b/testing/open-iscsi-grsec/APKBUILD @@ -0,0 +1,55 @@ +# Maintainer: Leonardo Arena <rnalrd@gmail.com> + +_flavor=grsec +_realname=open-iscsi +_realver=2.0-871 +# source the kernel version +if [ -f ../../main/linux-$_flavor/APKBUILD ]; then + . ../../main/linux-$_flavor/APKBUILD +fi +_kver=$pkgver +_kernelver=$pkgver-r$pkgrel +_abi_release=$pkgver-${_flavor} +_kpkgrel=$pkgrel +_ksrc=/usr/src/linux-headers-${_abi_release} + +_iscsiver=2.0-871 + +pkgname=${_realname}-${_flavor} +pkgver=$_kver +_mypkgrel=0 +pkgrel=$(($_kpkgrel + $_mypkgrel)) +pkgdesc="$_flavor kernel modules for open-iscsi $_iscsiver" +url="http://www.open-iscsi.org" +license="GPL-2" +depends="linux-${_flavor}=${_kernelver}" +install= +makedepends="linux-${_flavor}-dev=${_kernelver}" +subpackages= +source="http://www.open-iscsi.org/bits/$_realname-$_realver.tar.gz + Makefile.kernel.patch + CVE-2009-1297.patch + open-iscsi-2.0.871-makefile-cleanup.patch" + +prepare() { + cd "$srcdir"/$_realname-$_realver + patch -p0 < ../../CVE-2009-1297.patch || return 1 + patch -p1 < ../../open-iscsi-2.0.871-makefile-cleanup.patch || return 1 + patch -p2 < ../../Makefile.kernel.patch || return 1 +} + +build() { + cd "$srcdir"/$_realname-$_realver + unset ARCH + make KSRC="$_ksrc" kernel || return 1 +} + +package() { + cd "$srcdir"/$_realname-$_realver + make KSRC="$_ksrc" INSTALL_MOD_PATH="$pkgdir" install_kernel || return +} + +md5sums="0c403e8c9ad41607571ba0e6e8ff196e open-iscsi-2.0-871.tar.gz +c5289f800ceebf59319fea284d476cdf Makefile.kernel.patch +d1584790b4e12f087e60089880b53d2b CVE-2009-1297.patch +734300d7b7590dc9ae9b2fb7f5b51bf0 open-iscsi-2.0.871-makefile-cleanup.patch" diff --git a/testing/open-iscsi-grsec/CVE-2009-1297.patch b/testing/open-iscsi-grsec/CVE-2009-1297.patch new file mode 100644 index 000000000..d1728fff7 --- /dev/null +++ b/testing/open-iscsi-grsec/CVE-2009-1297.patch @@ -0,0 +1,31 @@ +--- utils.orig/iscsi_discovery 2009-10-26 23:09:08.000000000 +0100 ++++ utils/iscsi_discovery 2009-10-26 23:11:56.000000000 +0100 +@@ -104,24 +104,22 @@ + + connected=0 + discovered=0 +- df=/tmp/discovered.$$ + + dbg "starting discovery to $ip" +- iscsiadm -m discovery --type sendtargets --portal ${ip}:${port} > ${df} +- while read portal target ++ disc="$(iscsiadm -m discovery --type sendtargets --portal ${ip}:${port})" ++ echo "${disc}" | while read portal target + do + portal=${portal%,*} + select_transport +- done < ${df} ++ done + +- discovered=$(cat ${df} | wc -l) ++ discovered=$(echo "${disc}" | wc -l) + if [ ${discovered} = 0 ]; then + echo "failed to discover targets at ${ip}" + exit 2 + else + echo "discovered ${discovered} targets at ${ip}" + fi +- /bin/rm -f ${df} + } + + try_login() diff --git a/testing/open-iscsi-grsec/Makefile.kernel.patch b/testing/open-iscsi-grsec/Makefile.kernel.patch new file mode 100644 index 000000000..552e31b47 --- /dev/null +++ b/testing/open-iscsi-grsec/Makefile.kernel.patch @@ -0,0 +1,11 @@ +--- src/open-iscsi-2.0-871/kernel/Makefile ++++ Makefile +@@ -102,6 +102,8 @@ + + linux_2_6_30: $(unpatch_code) + ++linux_2_6_32: $(unpatch_code) ++ + + do_unpatch_code: + echo "Un-patching source code for use with linux-2.6.14 and up ..." diff --git a/testing/open-iscsi-grsec/open-iscsi-2.0.871-makefile-cleanup.patch b/testing/open-iscsi-grsec/open-iscsi-2.0.871-makefile-cleanup.patch new file mode 100644 index 000000000..6ca2a4eab --- /dev/null +++ b/testing/open-iscsi-grsec/open-iscsi-2.0.871-makefile-cleanup.patch @@ -0,0 +1,33 @@ +diff -Nuar open-iscsi-2.0-871.orig/usr/Makefile open-iscsi-2.0-871/usr/Makefile +--- open-iscsi-2.0-871.orig/usr/Makefile 2009-07-10 20:55:58.000000000 -0700 ++++ open-iscsi-2.0-871/usr/Makefile 2009-11-12 00:58:16.467960344 -0800 +@@ -48,14 +48,14 @@ + all: $(PROGRAMS) + + iscsid: $(COMMON_SRCS) $(IPC_OBJ) $(INITIATOR_SRCS) iscsid.o +- $(CC) $(CFLAGS) $^ -o $@ ++ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ + + iscsiadm: $(COMMON_SRCS) $(FW_BOOT_SRCS) strings.o discovery.o iscsiadm.o +- $(CC) $(CFLAGS) $^ -o $@ ++ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ + + iscsistart: $(IPC_OBJ) $(ISCSI_LIB_SRCS) $(INITIATOR_SRCS) $(FW_BOOT_SRCS) \ + iscsistart.o statics.o +- $(CC) $(CFLAGS) -static $^ -o $@ ++ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ + clean: + rm -f *.o $(PROGRAMS) .depend $(LIBSYS) + +diff -Nuar open-iscsi-2.0-871.orig/utils/Makefile open-iscsi-2.0-871/utils/Makefile +--- open-iscsi-2.0-871.orig/utils/Makefile 2009-07-10 20:55:58.000000000 -0700 ++++ open-iscsi-2.0-871/utils/Makefile 2009-11-12 00:58:56.404623435 -0800 +@@ -6,7 +6,7 @@ + all: $(PROGRAMS) + + iscsi-iname: md5.o iscsi-iname.o +- $(CC) $(CFLAGS) $^ $(DBM_LIB) -o $@ ++ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(DBM_LIB) $^ + + clean: + rm -f *.o $(PROGRAMS) .depend |