From 7a3611f5caa5e34c1f2b582640f97b733110ae63 Mon Sep 17 00:00:00 2001 From: Parabola Date: Mon, 9 Jan 2012 13:47:51 +0000 Subject: Mon Jan 9 13:47:49 UTC 2012 --- ...rypt_get_volume_key_size-for-plain-device.patch | 94 ------ core/gcc/gcc-pr49720.patch | 26 -- .../glibc-2.12.1-static-shared-getpagesize.patch | 11 - core/glibc/glibc-2.13-futex.patch | 31 -- core/glibc/glibc-2.14.1-tzfile-overflow.patch | 72 ----- core/krb5/krb5-1.9.1-2011-006.patch | 75 ----- ...-for-libnl-2.x-adapted-from-a-newer-versi.patch | 344 --------------------- ...eturns-its-own-error-codes-not-errnos-han.patch | 159 ---------- core/syslog-ng/PKGBUILD | 53 ---- core/syslog-ng/syslog-ng.conf | 92 ------ core/syslog-ng/syslog-ng.logrotate | 7 - core/syslog-ng/syslog-ng.rc | 66 ---- 12 files changed, 1030 deletions(-) delete mode 100644 core/cryptsetup/cryptsetup-fix-crypt_get_volume_key_size-for-plain-device.patch delete mode 100644 core/gcc/gcc-pr49720.patch delete mode 100644 core/glibc/glibc-2.12.1-static-shared-getpagesize.patch delete mode 100644 core/glibc/glibc-2.13-futex.patch delete mode 100644 core/glibc/glibc-2.14.1-tzfile-overflow.patch delete mode 100644 core/krb5/krb5-1.9.1-2011-006.patch delete mode 100644 core/libpcap/Add-support-for-libnl-2.x-adapted-from-a-newer-versi.patch delete mode 100644 core/libpcap/Libnl-2.x-returns-its-own-error-codes-not-errnos-han.patch delete mode 100644 core/syslog-ng/PKGBUILD delete mode 100644 core/syslog-ng/syslog-ng.conf delete mode 100644 core/syslog-ng/syslog-ng.logrotate delete mode 100755 core/syslog-ng/syslog-ng.rc (limited to 'core') diff --git a/core/cryptsetup/cryptsetup-fix-crypt_get_volume_key_size-for-plain-device.patch b/core/cryptsetup/cryptsetup-fix-crypt_get_volume_key_size-for-plain-device.patch deleted file mode 100644 index f35226122..000000000 --- a/core/cryptsetup/cryptsetup-fix-crypt_get_volume_key_size-for-plain-device.patch +++ /dev/null @@ -1,94 +0,0 @@ -Index: ChangeLog -=================================================================== ---- ChangeLog (Revision 664) -+++ ChangeLog (Revision 665) -@@ -1,3 +1,6 @@ -+2011-10-27 Milan Broz -+ * Fix crypt_get_volume_key_size() for plain device. -+ - 2011-10-25 Milan Broz - * Print informative message in isLuks only in verbose mode. - * Version 1.4.0. -Index: tests/api-test.c -=================================================================== ---- tests/api-test.c (Revision 664) -+++ tests/api-test.c (Revision 665) -@@ -660,6 +660,11 @@ - - FAIL_(crypt_init_by_name_and_header(&cd, CDEVICE_1, H_DEVICE),"can't init plain device by header device"); - OK_(crypt_init_by_name(&cd, CDEVICE_1)); -+ OK_(strcmp(cipher_mode,crypt_get_cipher_mode(cd))); -+ OK_(strcmp(cipher,crypt_get_cipher(cd))); -+ EQ_((int)key_size, crypt_get_volume_key_size(cd)); -+ EQ_(params.skip, crypt_get_iv_offset(cd)); -+ EQ_(params.offset, crypt_get_data_offset(cd)); - OK_(crypt_deactivate(cd, CDEVICE_1)); - crypt_free(cd); - -Index: lib/setup.c -=================================================================== ---- lib/setup.c (Revision 664) -+++ lib/setup.c (Revision 665) -@@ -56,6 +56,7 @@ - char *plain_cipher; - char *plain_cipher_mode; - char *plain_uuid; -+ unsigned int plain_key_size; - - /* used in CRYPT_LOOPAES */ - struct crypt_params_loopaes loopaes_hdr; -@@ -677,6 +678,7 @@ - (*cd)->plain_hdr.hash = NULL; /* no way to get this */ - (*cd)->plain_hdr.offset = dmd.offset; - (*cd)->plain_hdr.skip = dmd.iv_offset; -+ (*cd)->plain_key_size = dmd.vk->keylength; - - r = crypt_parse_name_and_mode(dmd.cipher, cipher, NULL, cipher_mode); - if (!r) { -@@ -754,6 +756,7 @@ - return -EINVAL; - } - -+ cd->plain_key_size = volume_key_size; - cd->volume_key = crypt_alloc_volume_key(volume_key_size, NULL); - if (!cd->volume_key) - return -ENOMEM; -@@ -1516,7 +1519,7 @@ - } - - r = process_key(cd, cd->plain_hdr.hash, -- cd->volume_key->keylength, -+ cd->plain_key_size, - passphrase, passphrase_size, &vk); - if (r < 0) - goto out; -@@ -1586,7 +1589,7 @@ - goto out; - - r = process_key(cd, cd->plain_hdr.hash, -- cd->volume_key->keylength, -+ cd->plain_key_size, - passphrase_read, passphrase_size_read, &vk); - if (r < 0) - goto out; -@@ -1658,8 +1661,7 @@ - if (!name) - return -EINVAL; - -- if (!volume_key || !volume_key_size || !cd->volume_key || -- volume_key_size != cd->volume_key->keylength) { -+ if (!volume_key || !volume_key_size || volume_key_size != cd->plain_key_size) { - log_err(cd, _("Incorrect volume key specified for plain device.\n")); - return -EINVAL; - } -@@ -1976,8 +1978,8 @@ - - int crypt_get_volume_key_size(struct crypt_device *cd) - { -- if (isPLAIN(cd->type) && cd->volume_key) -- return cd->volume_key->keylength; -+ if (isPLAIN(cd->type)) -+ return cd->plain_key_size; - - if (isLUKS(cd->type)) - return cd->hdr.keyBytes; diff --git a/core/gcc/gcc-pr49720.patch b/core/gcc/gcc-pr49720.patch deleted file mode 100644 index 8f50c4120..000000000 --- a/core/gcc/gcc-pr49720.patch +++ /dev/null @@ -1,26 +0,0 @@ ---- trunk/gcc/simplify-rtx.c 2011/10/28 05:55:10 180603 -+++ trunk/gcc/simplify-rtx.c 2011/10/28 06:35:31 180604 -@@ -4352,10 +4352,20 @@ - { - rtx x = XEXP (op0, 0); - rtx c = XEXP (op0, 1); -+ enum rtx_code invcode = op0code == PLUS ? MINUS : PLUS; -+ rtx tem = simplify_gen_binary (invcode, cmp_mode, op1, c); - -- c = simplify_gen_binary (op0code == PLUS ? MINUS : PLUS, -- cmp_mode, op1, c); -- return simplify_gen_relational (code, mode, cmp_mode, x, c); -+ /* Detect an infinite recursive condition, where we oscillate at this -+ simplification case between: -+ A + B == C <---> C - B == A, -+ where A, B, and C are all constants with non-simplifiable expressions, -+ usually SYMBOL_REFs. */ -+ if (GET_CODE (tem) == invcode -+ && CONSTANT_P (x) -+ && rtx_equal_p (c, XEXP (tem, 1))) -+ return NULL_RTX; -+ -+ return simplify_gen_relational (code, mode, cmp_mode, x, tem); - } - - /* (ne:SI (zero_extract:SI FOO (const_int 1) BAR) (const_int 0))) is diff --git a/core/glibc/glibc-2.12.1-static-shared-getpagesize.patch b/core/glibc/glibc-2.12.1-static-shared-getpagesize.patch deleted file mode 100644 index e84754279..000000000 --- a/core/glibc/glibc-2.12.1-static-shared-getpagesize.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- glibc-2.12-192-g7c08a05/sysdeps/unix/sysv/linux/getpagesize.c -+++ glibc-2.12.90-17/sysdeps/unix/sysv/linux/getpagesize.c -@@ -28,7 +28,7 @@ - int - __getpagesize () - { --#ifdef __ASSUME_AT_PAGESIZE -+#if 0 && defined __ASSUME_AT_PAGESIZE - assert (GLRO(dl_pagesize) != 0); - return GLRO(dl_pagesize); - #else diff --git a/core/glibc/glibc-2.13-futex.patch b/core/glibc/glibc-2.13-futex.patch deleted file mode 100644 index 9b9c3ac45..000000000 --- a/core/glibc/glibc-2.13-futex.patch +++ /dev/null @@ -1,31 +0,0 @@ ---- a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_timedrdlock.S -+++ a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_timedrdlock.S -@@ -210,7 +210,7 @@ pthread_rwlock_timedrdlock: - cfi_restore(%r12) - retq - --#ifdef __ASSUME_PRIVATE_FUTEX -+#ifdef __ASSUME_FUTEX_CLOCK_REALTIME - cfi_adjust_cfa_offset(16) - cfi_rel_offset(%r12, 8) - cfi_rel_offset(%r13, 0) ---- a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_timedwrlock.S -+++ a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_rwlock_timedwrlock.S -@@ -192,7 +192,7 @@ pthread_rwlock_timedwrlock: - - 7: movq %rdx, %rax - --#ifndef __ASSUME_PRIVATE_FUTEX -+#ifndef __ASSUME_FUTEX_CLOCK_REALTIME - addq $16, %rsp - cfi_adjust_cfa_offset(-16) - popq %r14 -@@ -207,7 +207,7 @@ pthread_rwlock_timedwrlock: - cfi_restore(%r12) - retq - --#ifdef __ASSUME_PRIVATE_FUTEX -+#ifdef __ASSUME_FUTEX_CLOCK_REALTIME - cfi_adjust_cfa_offset(16) - cfi_rel_offset(%r12, 8) - cfi_rel_offset(%r13, 0) diff --git a/core/glibc/glibc-2.14.1-tzfile-overflow.patch b/core/glibc/glibc-2.14.1-tzfile-overflow.patch deleted file mode 100644 index 9e21cbfd3..000000000 --- a/core/glibc/glibc-2.14.1-tzfile-overflow.patch +++ /dev/null @@ -1,72 +0,0 @@ -diff --git a/time/tzfile.c b/time/tzfile.c -index 144e20b..402389c 100644 ---- a/time/tzfile.c -+++ b/time/tzfile.c -@@ -234,23 +234,58 @@ __tzfile_read (const char *file, size_t extra, char **extrap) - goto read_again; - } - -+ if (__builtin_expect (num_transitions -+ > ((SIZE_MAX - (__alignof__ (struct ttinfo) - 1)) -+ / (sizeof (time_t) + 1)), 0)) -+ goto lose; - total_size = num_transitions * (sizeof (time_t) + 1); - total_size = ((total_size + __alignof__ (struct ttinfo) - 1) - & ~(__alignof__ (struct ttinfo) - 1)); - types_idx = total_size; -- total_size += num_types * sizeof (struct ttinfo) + chars; -+ if (__builtin_expect (num_types -+ > (SIZE_MAX - total_size) / sizeof (struct ttinfo), 0)) -+ goto lose; -+ total_size += num_types * sizeof (struct ttinfo); -+ if (__builtin_expect (chars > SIZE_MAX - total_size, 0)) -+ goto lose; -+ total_size += chars; -+ if (__builtin_expect (__alignof__ (struct leap) - 1 -+ > SIZE_MAX - total_size, 0)) -+ goto lose; - total_size = ((total_size + __alignof__ (struct leap) - 1) - & ~(__alignof__ (struct leap) - 1)); - leaps_idx = total_size; -+ if (__builtin_expect (num_leaps -+ > (SIZE_MAX - total_size) / sizeof (struct leap), 0)) -+ goto lose; - total_size += num_leaps * sizeof (struct leap); -- tzspec_len = (sizeof (time_t) == 8 && trans_width == 8 -- ? st.st_size - (ftello (f) -- + num_transitions * (8 + 1) -- + num_types * 6 -- + chars -- + num_leaps * 12 -- + num_isstd -- + num_isgmt) - 1 : 0); -+ tzspec_len = 0; -+ if (sizeof (time_t) == 8 && trans_width == 8) -+ { -+ off_t rem = st.st_size - ftello (f); -+ if (__builtin_expect (rem < 0 -+ || (size_t) rem < (num_transitions * (8 + 1) -+ + num_types * 6 -+ + chars), 0)) -+ goto lose; -+ tzspec_len = (size_t) rem - (num_transitions * (8 + 1) -+ + num_types * 6 -+ + chars); -+ if (__builtin_expect (num_leaps > SIZE_MAX / 12 -+ || tzspec_len < num_leaps * 12, 0)) -+ goto lose; -+ tzspec_len -= num_leaps * 12; -+ if (__builtin_expect (tzspec_len < num_isstd, 0)) -+ goto lose; -+ tzspec_len -= num_isstd; -+ if (__builtin_expect (tzspec_len == 0 || tzspec_len - 1 < num_isgmt, 0)) -+ goto lose; -+ tzspec_len -= num_isgmt + 1; -+ if (__builtin_expect (SIZE_MAX - total_size < tzspec_len, 0)) -+ goto lose; -+ } -+ if (__builtin_expect (SIZE_MAX - total_size - tzspec_len < extra, 0)) -+ goto lose; - - /* Allocate enough memory including the extra block requested by the - caller. */ diff --git a/core/krb5/krb5-1.9.1-2011-006.patch b/core/krb5/krb5-1.9.1-2011-006.patch deleted file mode 100644 index 05a22caf5..000000000 --- a/core/krb5/krb5-1.9.1-2011-006.patch +++ /dev/null @@ -1,75 +0,0 @@ -diff --git a/src/plugins/kdb/db2/lockout.c b/src/plugins/kdb/db2/lockout.c -index b473611..50c60b7 100644 ---- a/src/plugins/kdb/db2/lockout.c -+++ b/src/plugins/kdb/db2/lockout.c -@@ -169,6 +169,9 @@ krb5_db2_lockout_audit(krb5_context context, - return 0; - } - -+ if (entry == NULL) -+ return 0; -+ - if (!db_ctx->disable_lockout) { - code = lookup_lockout_policy(context, entry, &max_fail, - &failcnt_interval, &lockout_duration); -@@ -176,6 +179,15 @@ krb5_db2_lockout_audit(krb5_context context, - return code; - } - -+ /* -+ * Don't continue to modify the DB for an already locked account. -+ * (In most cases, status will be KRB5KDC_ERR_CLIENT_REVOKED, and -+ * this check is unneeded, but in rare cases, we can fail with an -+ * integrity error or preauth failure before a policy check.) -+ */ -+ if (locked_check_p(context, stamp, max_fail, lockout_duration, entry)) -+ return 0; -+ - /* Only mark the authentication as successful if the entry - * required preauthentication, otherwise we have no idea. */ - if (status == 0 && (entry->attributes & KRB5_KDB_REQUIRES_PRE_AUTH)) { -diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c -index 552e39a..c2f44ab 100644 ---- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c -+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c -@@ -105,6 +105,7 @@ krb5_ldap_get_principal(krb5_context context, krb5_const_principal searchfor, - CHECK_LDAP_HANDLE(ldap_context); - - if (is_principal_in_realm(ldap_context, searchfor) != 0) { -+ st = KRB5_KDB_NOENTRY; - krb5_set_error_message (context, st, "Principal does not belong to realm"); - goto cleanup; - } -diff --git a/src/plugins/kdb/ldap/libkdb_ldap/lockout.c b/src/plugins/kdb/ldap/libkdb_ldap/lockout.c -index a218dc7..fd164dd 100644 ---- a/src/plugins/kdb/ldap/libkdb_ldap/lockout.c -+++ b/src/plugins/kdb/ldap/libkdb_ldap/lockout.c -@@ -165,6 +165,9 @@ krb5_ldap_lockout_audit(krb5_context context, - return 0; - } - -+ if (entry == NULL) -+ return 0; -+ - if (!ldap_context->disable_lockout) { - code = lookup_lockout_policy(context, entry, &max_fail, - &failcnt_interval, -@@ -173,9 +176,16 @@ krb5_ldap_lockout_audit(krb5_context context, - return code; - } - -- entry->mask = 0; -+ /* -+ * Don't continue to modify the DB for an already locked account. -+ * (In most cases, status will be KRB5KDC_ERR_CLIENT_REVOKED, and -+ * this check is unneeded, but in rare cases, we can fail with an -+ * integrity error or preauth failure before a policy check.) -+ */ -+ if (locked_check_p(context, stamp, max_fail, lockout_duration, entry)) -+ return 0; - -- assert (!locked_check_p(context, stamp, max_fail, lockout_duration, entry)); -+ entry->mask = 0; - - /* Only mark the authentication as successful if the entry - * required preauthentication, otherwise we have no idea. */ diff --git a/core/libpcap/Add-support-for-libnl-2.x-adapted-from-a-newer-versi.patch b/core/libpcap/Add-support-for-libnl-2.x-adapted-from-a-newer-versi.patch deleted file mode 100644 index 1fce472b7..000000000 --- a/core/libpcap/Add-support-for-libnl-2.x-adapted-from-a-newer-versi.patch +++ /dev/null @@ -1,344 +0,0 @@ -From bc937fc4ff6715e9bee939041fa02be0755d7d58 Mon Sep 17 00:00:00 2001 -From: Guy Harris -Date: Sat, 13 Nov 2010 17:42:47 -0800 -Subject: [PATCH] Add support for libnl 2.x, adapted from a newer version of the iw command. - ---- - config.h.in | 3 ++ - configure | 108 +++++++++++++++++++++++++++++++++++++++++++++++++++++++--- - configure.in | 40 ++++++++++++++++++---- - pcap-linux.c | 58 ++++++++++++++++++++++++------- - 4 files changed, 184 insertions(+), 25 deletions(-) - -diff --git a/config.h.in b/config.h.in -index f988e8f..3b9ce3c 100644 ---- a/config.h.in -+++ b/config.h.in -@@ -52,6 +52,9 @@ - /* if libnl exists */ - #undef HAVE_LIBNL - -+/* if libnl exists and is version 2.x */ -+#undef HAVE_LIBNL_2_x -+ - /* Define to 1 if you have the header file. */ - #undef HAVE_LIMITS_H - -diff --git a/configure b/configure -index c99c1ab..7338dee 100755 ---- a/configure -+++ b/configure -@@ -7340,7 +7340,93 @@ fi - - - if test x$with_libnl != xno ; then -- { echo "$as_me:$LINENO: checking for nl_handle_alloc in -lnl" >&5 -+ # -+ # Try libnl 2.x first. -+ # -+ { echo "$as_me:$LINENO: checking for nl_socket_alloc in -lnl" >&5 -+echo $ECHO_N "checking for nl_socket_alloc in -lnl... $ECHO_C" >&6; } -+if test "${ac_cv_lib_nl_nl_socket_alloc+set}" = set; then -+ echo $ECHO_N "(cached) $ECHO_C" >&6 -+else -+ ac_check_lib_save_LIBS=$LIBS -+LIBS="-lnl $LIBS" -+cat >conftest.$ac_ext <<_ACEOF -+/* confdefs.h. */ -+_ACEOF -+cat confdefs.h >>conftest.$ac_ext -+cat >>conftest.$ac_ext <<_ACEOF -+/* end confdefs.h. */ -+ -+/* Override any GCC internal prototype to avoid an error. -+ Use char because int might match the return type of a GCC -+ builtin and then its argument prototype would still apply. */ -+#ifdef __cplusplus -+extern "C" -+#endif -+char nl_socket_alloc (); -+int -+main () -+{ -+return nl_socket_alloc (); -+ ; -+ return 0; -+} -+_ACEOF -+rm -f conftest.$ac_objext conftest$ac_exeext -+if { (ac_try="$ac_link" -+case "(($ac_try" in -+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; -+ *) ac_try_echo=$ac_try;; -+esac -+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 -+ (eval "$ac_link") 2>conftest.er1 -+ ac_status=$? -+ grep -v '^ *+' conftest.er1 >conftest.err -+ rm -f conftest.er1 -+ cat conftest.err >&5 -+ echo "$as_me:$LINENO: \$? = $ac_status" >&5 -+ (exit $ac_status); } && { -+ test -z "$ac_c_werror_flag" || -+ test ! -s conftest.err -+ } && test -s conftest$ac_exeext && -+ $as_test_x conftest$ac_exeext; then -+ ac_cv_lib_nl_nl_socket_alloc=yes -+else -+ echo "$as_me: failed program was:" >&5 -+sed 's/^/| /' conftest.$ac_ext >&5 -+ -+ ac_cv_lib_nl_nl_socket_alloc=no -+fi -+ -+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ -+ conftest$ac_exeext conftest.$ac_ext -+LIBS=$ac_check_lib_save_LIBS -+fi -+{ echo "$as_me:$LINENO: result: $ac_cv_lib_nl_nl_socket_alloc" >&5 -+echo "${ECHO_T}$ac_cv_lib_nl_nl_socket_alloc" >&6; } -+if test $ac_cv_lib_nl_nl_socket_alloc = yes; then -+ -+ # -+ # Yes, we have libnl 2.x. -+ # -+ LIBS="-lnl-genl -lnl $LIBS" -+ -+cat >>confdefs.h <<\_ACEOF -+#define HAVE_LIBNL 1 -+_ACEOF -+ -+ -+cat >>confdefs.h <<\_ACEOF -+#define HAVE_LIBNL_2_x 1 -+_ACEOF -+ -+ -+else -+ -+ # -+ # No, we don't; do we have libnl 1.x? -+ # -+ { echo "$as_me:$LINENO: checking for nl_handle_alloc in -lnl" >&5 - echo $ECHO_N "checking for nl_handle_alloc in -lnl... $ECHO_C" >&6; } - if test "${ac_cv_lib_nl_nl_handle_alloc+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -@@ -7402,18 +7488,30 @@ fi - { echo "$as_me:$LINENO: result: $ac_cv_lib_nl_nl_handle_alloc" >&5 - echo "${ECHO_T}$ac_cv_lib_nl_nl_handle_alloc" >&6; } - if test $ac_cv_lib_nl_nl_handle_alloc = yes; then -- LIBS="-lnl $LIBS" -+ -+ # -+ # Yes. -+ # -+ LIBS="-lnl $LIBS" - - cat >>confdefs.h <<\_ACEOF - #define HAVE_LIBNL 1 - _ACEOF - -+ - else -- if test x$with_libnl = xyes ; then -- { { echo "$as_me:$LINENO: error: libnl support requested but libnl not found" >&5 -+ -+ # -+ # No, we don't have libnl at all. -+ # -+ if test x$with_libnl = xyes ; then -+ { { echo "$as_me:$LINENO: error: libnl support requested but libnl not found" >&5 - echo "$as_me: error: libnl support requested but libnl not found" >&2;} - { (exit 1); exit 1; }; } -- fi -+ fi -+ -+fi -+ - - fi - -diff --git a/configure.in b/configure.in -index 16eadf9..ef801ed 100644 ---- a/configure.in -+++ b/configure.in -@@ -445,13 +445,39 @@ linux) - with_libnl=$withval,,) - - if test x$with_libnl != xno ; then -- AC_CHECK_LIB(nl, nl_handle_alloc, -- LIBS="-lnl $LIBS" -- AC_DEFINE(HAVE_LIBNL,1,[if libnl exists]), -- if test x$with_libnl = xyes ; then -- AC_MSG_ERROR([libnl support requested but libnl not found]) -- fi -- ) -+ # -+ # Try libnl 2.x first. -+ # -+ AC_CHECK_LIB(nl, nl_socket_alloc, -+ [ -+ # -+ # Yes, we have libnl 2.x. -+ # -+ LIBS="-lnl-genl -lnl $LIBS" -+ AC_DEFINE(HAVE_LIBNL,1,[if libnl exists]) -+ AC_DEFINE(HAVE_LIBNL_2_x,1,[if libnl exists and is version 2.x]) -+ ], -+ [ -+ # -+ # No, we don't; do we have libnl 1.x? -+ # -+ AC_CHECK_LIB(nl, nl_handle_alloc, -+ [ -+ # -+ # Yes. -+ # -+ LIBS="-lnl $LIBS" -+ AC_DEFINE(HAVE_LIBNL,1,[if libnl exists]) -+ ], -+ [ -+ # -+ # No, we don't have libnl at all. -+ # -+ if test x$with_libnl = xyes ; then -+ AC_MSG_ERROR([libnl support requested but libnl not found]) -+ fi -+ ]) -+ ]) - fi - - AC_LBL_TPACKET_STATS -diff --git a/pcap-linux.c b/pcap-linux.c -index f8b3f10..deabbc4 100644 ---- a/pcap-linux.c -+++ b/pcap-linux.c -@@ -527,8 +527,37 @@ get_mac80211_phydev(pcap_t *handle, const char *device, char *phydev_path, - return 1; - } - -+#ifndef HAVE_LIBNL_2_x -+/* libnl 2.x compatibility code */ -+ -+#define nl_sock nl_handle -+ -+static inline struct nl_handle * -+nl_socket_alloc(void) -+{ -+ return nl_handle_alloc(); -+} -+ -+static inline void -+nl_socket_free(struct nl_handle *h) -+{ -+ nl_handle_destroy(h); -+} -+ -+static inline int -+__genl_ctrl_alloc_cache(struct nl_handle *h, struct nl_cache **cache) -+{ -+ struct nl_cache *tmp = genl_ctrl_alloc_cache(h); -+ if (!tmp) -+ return -ENOMEM; -+ *cache = tmp; -+ return 0; -+} -+#define genl_ctrl_alloc_cache __genl_ctrl_alloc_cache -+#endif /* !HAVE_LIBNL_2_x */ -+ - struct nl80211_state { -- struct nl_handle *nl_handle; -+ struct nl_sock *nl_sock; - struct nl_cache *nl_cache; - struct genl_family *nl80211; - }; -@@ -536,23 +565,26 @@ struct nl80211_state { - static int - nl80211_init(pcap_t *handle, struct nl80211_state *state, const char *device) - { -- state->nl_handle = nl_handle_alloc(); -- if (!state->nl_handle) { -+ int err; -+ -+ state->nl_sock = nl_socket_alloc(); -+ if (!state->nl_sock) { - snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, - "%s: failed to allocate netlink handle", device); - return PCAP_ERROR; - } - -- if (genl_connect(state->nl_handle)) { -+ if (genl_connect(state->nl_sock)) { - snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, - "%s: failed to connect to generic netlink", device); - goto out_handle_destroy; - } - -- state->nl_cache = genl_ctrl_alloc_cache(state->nl_handle); -- if (!state->nl_cache) { -+ err = genl_ctrl_alloc_cache(state->nl_sock, &state->nl_cache); -+ if (err < 0) { - snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, -- "%s: failed to allocate generic netlink cache", device); -+ "%s: failed to allocate generic netlink cache: %s", -+ device, strerror(-err)); - goto out_handle_destroy; - } - -@@ -568,7 +600,7 @@ nl80211_init(pcap_t *handle, struct nl80211_state *state, const char *device) - out_cache_free: - nl_cache_free(state->nl_cache); - out_handle_destroy: -- nl_handle_destroy(state->nl_handle); -+ nl_socket_free(state->nl_sock); - return PCAP_ERROR; - } - -@@ -577,7 +609,7 @@ nl80211_cleanup(struct nl80211_state *state) - { - genl_family_put(state->nl80211); - nl_cache_free(state->nl_cache); -- nl_handle_destroy(state->nl_handle); -+ nl_socket_free(state->nl_sock); - } - - static int -@@ -605,7 +637,7 @@ add_mon_if(pcap_t *handle, int sock_fd, struct nl80211_state *state, - NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, mondevice); - NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, NL80211_IFTYPE_MONITOR); - -- err = nl_send_auto_complete(state->nl_handle, msg); -+ err = nl_send_auto_complete(state->nl_sock, msg); - if (err < 0) { - if (err == -ENFILE) { - /* -@@ -626,7 +658,7 @@ add_mon_if(pcap_t *handle, int sock_fd, struct nl80211_state *state, - return PCAP_ERROR; - } - } -- err = nl_wait_for_ack(state->nl_handle); -+ err = nl_wait_for_ack(state->nl_sock); - if (err < 0) { - if (err == -ENFILE) { - /* -@@ -685,7 +717,7 @@ del_mon_if(pcap_t *handle, int sock_fd, struct nl80211_state *state, - 0, NL80211_CMD_DEL_INTERFACE, 0); - NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex); - -- err = nl_send_auto_complete(state->nl_handle, msg); -+ err = nl_send_auto_complete(state->nl_sock, msg); - if (err < 0) { - if (err == -ENFILE) { - /* -@@ -706,7 +738,7 @@ del_mon_if(pcap_t *handle, int sock_fd, struct nl80211_state *state, - return PCAP_ERROR; - } - } -- err = nl_wait_for_ack(state->nl_handle); -+ err = nl_wait_for_ack(state->nl_sock); - if (err < 0) { - if (err == -ENFILE) { - /* --- -1.7.3.5 - diff --git a/core/libpcap/Libnl-2.x-returns-its-own-error-codes-not-errnos-han.patch b/core/libpcap/Libnl-2.x-returns-its-own-error-codes-not-errnos-han.patch deleted file mode 100644 index 219494200..000000000 --- a/core/libpcap/Libnl-2.x-returns-its-own-error-codes-not-errnos-han.patch +++ /dev/null @@ -1,159 +0,0 @@ -From 9545ff8e2670db02652f9cf781aafdd6bac58ac4 Mon Sep 17 00:00:00 2001 -From: Guy Harris -Date: Sun, 14 Nov 2010 13:48:19 -0800 -Subject: [PATCH] Libnl 2.x returns its own error codes, not errnos; handle that. - -While we're at it, don't special-case ENFILE for "delete monitor device" -operations; that's not like "add monitor device", where we want to drive -on if a device with that name already exists. ---- - pcap-linux.c | 76 ++++++++++++++++++++++++++-------------------------------- - 1 files changed, 34 insertions(+), 42 deletions(-) - -diff --git a/pcap-linux.c b/pcap-linux.c -index deabbc4..5d291e9 100644 ---- a/pcap-linux.c -+++ b/pcap-linux.c -@@ -527,7 +527,9 @@ get_mac80211_phydev(pcap_t *handle, const char *device, char *phydev_path, - return 1; - } - --#ifndef HAVE_LIBNL_2_x -+#ifdef HAVE_LIBNL_2_x -+#define get_nl_errmsg nl_geterror -+#else - /* libnl 2.x compatibility code */ - - #define nl_sock nl_handle -@@ -544,6 +546,8 @@ nl_socket_free(struct nl_handle *h) - nl_handle_destroy(h); - } - -+#define get_nl_errmsg strerror -+ - static inline int - __genl_ctrl_alloc_cache(struct nl_handle *h, struct nl_cache **cache) - { -@@ -584,7 +588,7 @@ nl80211_init(pcap_t *handle, struct nl80211_state *state, const char *device) - if (err < 0) { - snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, - "%s: failed to allocate generic netlink cache: %s", -- device, strerror(-err)); -+ device, get_nl_errmsg(-err)); - goto out_handle_destroy; - } - -@@ -639,10 +643,17 @@ add_mon_if(pcap_t *handle, int sock_fd, struct nl80211_state *state, - - err = nl_send_auto_complete(state->nl_sock, msg); - if (err < 0) { -+#ifdef HAVE_LIBNL_2_x -+ if (err == -NLE_FAILURE) { -+#else - if (err == -ENFILE) { -+#endif - /* - * Device not available; our caller should just -- * keep trying. -+ * keep trying. (libnl 2.x maps ENFILE to -+ * NLE_FAILURE; it can also map other errors -+ * to that, but there's not much we can do -+ * about that.) - */ - nlmsg_free(msg); - return 0; -@@ -653,17 +664,24 @@ add_mon_if(pcap_t *handle, int sock_fd, struct nl80211_state *state, - */ - snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, - "%s: nl_send_auto_complete failed adding %s interface: %s", -- device, mondevice, strerror(-err)); -+ device, mondevice, get_nl_errmsg(-err)); - nlmsg_free(msg); - return PCAP_ERROR; - } - } - err = nl_wait_for_ack(state->nl_sock); - if (err < 0) { -+#ifdef HAVE_LIBNL_2_x -+ if (err == -NLE_FAILURE) { -+#else - if (err == -ENFILE) { -+#endif - /* - * Device not available; our caller should just -- * keep trying. -+ * keep trying. (libnl 2.x maps ENFILE to -+ * NLE_FAILURE; it can also map other errors -+ * to that, but there's not much we can do -+ * about that.) - */ - nlmsg_free(msg); - return 0; -@@ -674,7 +692,7 @@ add_mon_if(pcap_t *handle, int sock_fd, struct nl80211_state *state, - */ - snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, - "%s: nl_wait_for_ack failed adding %s interface: %s", -- device, mondevice, strerror(-err)); -+ device, mondevice, get_nl_errmsg(-err)); - nlmsg_free(msg); - return PCAP_ERROR; - } -@@ -719,45 +737,19 @@ del_mon_if(pcap_t *handle, int sock_fd, struct nl80211_state *state, - - err = nl_send_auto_complete(state->nl_sock, msg); - if (err < 0) { -- if (err == -ENFILE) { -- /* -- * Device not available; our caller should just -- * keep trying. -- */ -- nlmsg_free(msg); -- return 0; -- } else { -- /* -- * Real failure, not just "that device is not -- * available. -- */ -- snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, -- "%s: nl_send_auto_complete failed deleting %s interface: %s", -- device, mondevice, strerror(-err)); -- nlmsg_free(msg); -- return PCAP_ERROR; -- } -+ snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, -+ "%s: nl_send_auto_complete failed deleting %s interface: %s", -+ device, mondevice, get_nl_errmsg(-err)); -+ nlmsg_free(msg); -+ return PCAP_ERROR; - } - err = nl_wait_for_ack(state->nl_sock); - if (err < 0) { -- if (err == -ENFILE) { -- /* -- * Device not available; our caller should just -- * keep trying. -- */ -- nlmsg_free(msg); -- return 0; -- } else { -- /* -- * Real failure, not just "that device is not -- * available. -- */ -- snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, -- "%s: nl_wait_for_ack failed adding %s interface: %s", -- device, mondevice, strerror(-err)); -- nlmsg_free(msg); -- return PCAP_ERROR; -- } -+ snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, -+ "%s: nl_wait_for_ack failed adding %s interface: %s", -+ device, mondevice, get_nl_errmsg(-err)); -+ nlmsg_free(msg); -+ return PCAP_ERROR; - } - - /* --- -1.7.3.5 - diff --git a/core/syslog-ng/PKGBUILD b/core/syslog-ng/PKGBUILD deleted file mode 100644 index ef636e51e..000000000 --- a/core/syslog-ng/PKGBUILD +++ /dev/null @@ -1,53 +0,0 @@ -# $Id: PKGBUILD 143678 2011-11-28 11:05:29Z dreisner $ -# Maintainer: Dave Reisner -# Maintainer: Eric BĂ©langer -# Maintainer: Aaron Griffin - -pkgname=syslog-ng -pkgver=3.3.3 -pkgrel=1 -pkgdesc="Next-generation syslogd with advanced networking and filtering capabilities" -arch=('i686' 'x86_64') -license=('GPL2') -groups=('base') -url="http://www.balabit.com/network-security/syslog-ng/" -depends=('glib2' 'eventlog' 'openssl' 'libcap' 'awk') -makedepends=('flex' 'pkg-config') -optdepends=('logrotate: for rotating log files') -provides=('logger') -options=('!libtool') -backup=('etc/syslog-ng/modules.conf' 'etc/syslog-ng/scl.conf' \ - 'etc/syslog-ng/syslog-ng.conf' 'etc/logrotate.d/syslog-ng') -source=("http://www.balabit.com/downloads/files/syslog-ng/sources/$pkgver/source/${pkgname}_$pkgver.tar.gz" - syslog-ng.conf - syslog-ng.logrotate - syslog-ng.rc) -sha1sums=('e2ec8ba4bde24809630a7675bf5d97f00be467f8' - '98074e0facfc6ef036202662cc86d04b38a2c142' - '949128fe3d7f77a7aab99048061f885bc758000c' - 'a6ad26912b5bcbe1b47b003309945d733613b98f') - -build() { - cd "$pkgname-$pkgver" - - ./configure \ - --prefix=/usr \ - --sysconfdir=/etc/syslog-ng \ - --libexecdir=/usr/lib \ - --localstatedir=/var/lib/syslog-ng \ - --with-pidfile-dir=/run \ - --disable-spoof-source \ - --enable-systemd \ - --with-systemdsystemunitdir=/lib/systemd/system - - make -} - -package() { - make -C "$pkgname-$pkgver" DESTDIR="$pkgdir" install - - install -dm755 "$pkgdir/var/lib/syslog-ng" "$pkgdir/etc/syslog-ng/patterndb.d" - install -Dm644 "$srcdir/syslog-ng.conf" "$pkgdir/etc/syslog-ng/syslog-ng.conf" - install -Dm644 "$srcdir/syslog-ng.logrotate" "$pkgdir/etc/logrotate.d/syslog-ng" - install -Dm755 "$srcdir/syslog-ng.rc" "$pkgdir/etc/rc.d/syslog-ng" -} diff --git a/core/syslog-ng/syslog-ng.conf b/core/syslog-ng/syslog-ng.conf deleted file mode 100644 index 8f86eac2f..000000000 --- a/core/syslog-ng/syslog-ng.conf +++ /dev/null @@ -1,92 +0,0 @@ -@version: 3.3 -# -# /etc/syslog-ng/syslog-ng.conf -# - -options { - stats_freq (0); - flush_lines (0); - time_reopen (10); - log_fifo_size (10000); - chain_hostnames (off); - use_dns (no); - use_fqdn (no); - create_dirs (no); - keep_hostname (yes); - perm(0640); - group("log"); -}; - -source src { - unix-dgram("/dev/log"); - internal(); - file("/proc/kmsg"); -}; - -destination d_authlog { file("/var/log/auth.log"); }; -destination d_syslog { file("/var/log/syslog.log"); }; -destination d_cron { file("/var/log/crond.log"); }; -destination d_daemon { file("/var/log/daemon.log"); }; -destination d_kernel { file("/var/log/kernel.log"); }; -destination d_lpr { file("/var/log/lpr.log"); }; -destination d_user { file("/var/log/user.log"); }; -destination d_uucp { file("/var/log/uucp.log"); }; -destination d_mail { file("/var/log/mail.log"); }; -destination d_news { file("/var/log/news.log"); }; -destination d_ppp { file("/var/log/ppp.log"); }; -destination d_debug { file("/var/log/debug.log"); }; -destination d_messages { file("/var/log/messages.log"); }; -destination d_errors { file("/var/log/errors.log"); }; -destination d_everything { file("/var/log/everything.log"); }; -destination d_iptables { file("/var/log/iptables.log"); }; -destination d_acpid { file("/var/log/acpid.log"); }; -destination d_console { usertty("root"); }; - -# Log everything to tty12 -destination console_all { file("/dev/tty12"); }; - -filter f_auth { facility(auth); }; -filter f_authpriv { facility(auth, authpriv); }; -filter f_syslog { program(syslog-ng); }; -filter f_cron { facility(cron); }; -filter f_daemon { facility(daemon); }; -filter f_kernel { facility(kern) and not filter(f_iptables); }; -filter f_lpr { facility(lpr); }; -filter f_mail { facility(mail); }; -filter f_news { facility(news); }; -filter f_user { facility(user); }; -filter f_uucp { facility(uucp); }; -filter f_ppp { facility(local2); }; -filter f_debug { not facility(auth, authpriv, news, mail); }; -filter f_messages { level(info..warn) and not facility(auth, authpriv, mail, news, cron) and not program(syslog-ng) and not filter(f_iptables); }; -filter f_everything { level(debug..emerg) and not facility(auth, authpriv); }; -filter f_emergency { level(emerg); }; -filter f_info { level(info); }; -filter f_notice { level(notice); }; -filter f_warn { level(warn); }; -filter f_crit { level(crit); }; -filter f_err { level(err); }; -filter f_iptables { match("IN=" value("MESSAGE")) and match("OUT=" value("MESSAGE")); }; -filter f_acpid { program("acpid"); }; - -log { source(src); filter(f_acpid); destination(d_acpid); }; -log { source(src); filter(f_authpriv); destination(d_authlog); }; -log { source(src); filter(f_syslog); destination(d_syslog); }; -log { source(src); filter(f_cron); destination(d_cron); }; -log { source(src); filter(f_daemon); destination(d_daemon); }; -log { source(src); filter(f_kernel); destination(d_kernel); }; -log { source(src); filter(f_lpr); destination(d_lpr); }; -log { source(src); filter(f_mail); destination(d_mail); }; -log { source(src); filter(f_news); destination(d_news); }; -log { source(src); filter(f_ppp); destination(d_ppp); }; -log { source(src); filter(f_user); destination(d_user); }; -log { source(src); filter(f_uucp); destination(d_uucp); }; -#log { source(src); filter(f_debug); destination(d_debug); }; -log { source(src); filter(f_messages); destination(d_messages); }; -log { source(src); filter(f_err); destination(d_errors); }; -log { source(src); filter(f_emergency); destination(d_console); }; -log { source(src); filter(f_everything); destination(d_everything); }; -log { source(src); filter(f_iptables); destination(d_iptables); }; - -# Log everything to tty12 -#log { source(src); destination(console_all); }; diff --git a/core/syslog-ng/syslog-ng.logrotate b/core/syslog-ng/syslog-ng.logrotate deleted file mode 100644 index 3509f2970..000000000 --- a/core/syslog-ng/syslog-ng.logrotate +++ /dev/null @@ -1,7 +0,0 @@ -/var/log/messages.log /var/log/auth.log /var/log/mail.log /var/log/kernel.log /var/log/errors.log /var/log/daemon.log /var/log/user.log /var/log/iptables.log /var/log/everything.log /var/log/syslog.log /var/log/acpid.log /var/log/crond.log /var/log/lpr.log /var/log/uucp.log /var/log/news.log /var/log/ppp.log /var/log/debug.log { - missingok - sharedscripts - postrotate - /bin/kill -HUP $(cat /run/syslog-ng.pid 2>/dev/null) 2>/dev/null || true - endscript -} diff --git a/core/syslog-ng/syslog-ng.rc b/core/syslog-ng/syslog-ng.rc deleted file mode 100755 index 516b03da3..000000000 --- a/core/syslog-ng/syslog-ng.rc +++ /dev/null @@ -1,66 +0,0 @@ -#!/bin/bash - -. /etc/rc.conf -. /etc/rc.d/functions - -checkconfig() { - if ! syslog-ng -s -f /etc/syslog-ng/syslog-ng.conf; then - stat_fail - exit 1 - fi -} - -pidfile=/run/syslog-ng.pid -if [[ -r $pidfile ]]; then - read -r PID < "$pidfile" - if [[ $PID && ! -d /proc/$PID ]]; then - # stale pidfile - unset PID - rm -f "$pidfile" - fi -fi - -case $1 in - start) - stat_busy "Starting Syslog-NG" - checkconfig - if [[ -z $PID ]] && /usr/sbin/syslog-ng; then - add_daemon syslog-ng - stat_done - else - stat_fail - exit 1 - fi - ;; - stop) - stat_busy "Stopping Syslog-NG" - if [[ $PID ]] && kill $PID &>/dev/null; then - rm_daemon syslog-ng - stat_done - else - stat_fail - exit 1 - fi - ;; - reload) - stat_busy "Reloading Syslog-NG configuration and re-opening log files" - if [[ -z $PID ]]; then - stat_fail - else - checkconfig - if kill -HUP $PID &>/dev/null; then - stat_done - else - stat_fail - exit 1 - fi - fi - ;; - restart) - $0 stop - sleep 1 - $0 start - ;; - *) - echo "usage: $0 {start|stop|restart|reload}" -esac -- cgit v1.2.3-54-g00ecf