From 434d5d8d6cf3c5c3aa2f3299612419f82e42a48f Mon Sep 17 00:00:00 2001 From: Roy Li Date: Tue, 12 Aug 2014 19:06:33 +0800 Subject: net-snmp: uprev it to 5.7.2.1 Signed-off-by: Roy Li Signed-off-by: Martin Jansa --- .../files/net-snmp-5.7.2-fix-CVE-2014-2284.patch | 126 ------------------- .../files/net-snmp-5.7.2-fix-CVE-2014-2285.patch | 26 ---- .../recipes-protocols/net-snmp/net-snmp_5.7.2.1.bb | 129 ++++++++++++++++++++ .../recipes-protocols/net-snmp/net-snmp_5.7.2.bb | 133 --------------------- 4 files changed, 129 insertions(+), 285 deletions(-) delete mode 100644 meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2284.patch delete mode 100644 meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2285.patch create mode 100644 meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.1.bb delete mode 100644 meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.bb (limited to 'meta-networking') diff --git a/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2284.patch b/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2284.patch deleted file mode 100644 index 4ad906432e..0000000000 --- a/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2284.patch +++ /dev/null @@ -1,126 +0,0 @@ -diff -urpN a/agent/mibgroup/mibII/icmp.c b/agent/mibgroup/mibII/icmp.c ---- a/agent/mibgroup/mibII/icmp.c -+++ b/agent/mibgroup/mibII/icmp.c -@@ -106,10 +106,20 @@ struct icmp_msg_stats_table_entry { - int flags; - }; - -+#ifdef linux -+/* Linux keeps track of all possible message types */ -+#define ICMP_MSG_STATS_IPV4_COUNT 256 -+#else - #define ICMP_MSG_STATS_IPV4_COUNT 11 -+#endif - - #ifdef NETSNMP_ENABLE_IPV6 -+#ifdef linux -+/* Linux keeps track of all possible message types */ -+#define ICMP_MSG_STATS_IPV6_COUNT 256 -+#else - #define ICMP_MSG_STATS_IPV6_COUNT 14 -+#endif - #else - #define ICMP_MSG_STATS_IPV6_COUNT 0 - #endif /* NETSNMP_ENABLE_IPV6 */ -@@ -177,7 +187,7 @@ icmp_msg_stats_load(netsnmp_cache *cache - inc = 0; - linux_read_icmp_msg_stat(&v4icmp, &v4icmpmsg, &flag); - if (flag) { -- while (254 != k) { -+ while (255 >= k) { - if (v4icmpmsg.vals[k].InType) { - icmp_msg_stats_table[i].ipVer = 1; - icmp_msg_stats_table[i].icmpMsgStatsType = k; -@@ -1050,6 +1060,12 @@ icmp_stats_table_handler(netsnmp_mib_han - continue; - table_info = netsnmp_extract_table_info(request); - subid = table_info->colnum; -+ DEBUGMSGTL(( "mibII/icmpStatsTable", "oid: " )); -+ DEBUGMSGOID(( "mibII/icmpStatsTable", request->requestvb->name, -+ request->requestvb->name_length )); -+ DEBUGMSG(( "mibII/icmpStatsTable", " In %d InErr %d Out %d OutErr %d\n", -+ entry->icmpStatsInMsgs, entry->icmpStatsInErrors, -+ entry->icmpStatsOutMsgs, entry->icmpStatsOutErrors )); - - switch (subid) { - case ICMP_STAT_INMSG: -@@ -1117,6 +1133,11 @@ icmp_msg_stats_table_handler(netsnmp_mib - continue; - table_info = netsnmp_extract_table_info(request); - subid = table_info->colnum; -+ DEBUGMSGTL(( "mibII/icmpMsgStatsTable", "oid: " )); -+ DEBUGMSGOID(( "mibII/icmpMsgStatsTable", request->requestvb->name, -+ request->requestvb->name_length )); -+ DEBUGMSG(( "mibII/icmpMsgStatsTable", " In %d Out %d Flags 0x%x\n", -+ entry->icmpMsgStatsInPkts, entry->icmpMsgStatsOutPkts, entry->flags )); - - switch (subid) { - case ICMP_MSG_STAT_IN_PKTS: -diff -urpN a/agent/mibgroup/mibII/kernel_linux.c b/agent/mibgroup/mibII/kernel_linux.c ---- a/agent/mibgroup/mibII/kernel_linux.c -+++ b/agent/mibgroup/mibII/kernel_linux.c -@@ -81,9 +81,9 @@ decode_icmp_msg(char *line, char *data, - index = strtol(token, &delim, 0); - if (ERANGE == errno) { - continue; -- } else if (index > LONG_MAX) { -+ } else if (index > 255) { - continue; -- } else if (index < LONG_MIN) { -+ } else if (index < 0) { - continue; - } - if (NULL == (token = strtok_r(dataptr, " ", &saveptr1))) -@@ -94,9 +94,9 @@ decode_icmp_msg(char *line, char *data, - index = strtol(token, &delim, 0); - if (ERANGE == errno) { - continue; -- } else if (index > LONG_MAX) { -+ } else if (index > 255) { - continue; -- } else if (index < LONG_MIN) { -+ } else if (index < 0) { - continue; - } - if(NULL == (token = strtok_r(dataptr, " ", &saveptr1))) -@@ -426,14 +426,21 @@ linux_read_icmp6_parse(struct icmp6_mib - - vals = name; - if (NULL != icmp6msgstat) { -+ int type; - if (0 == strncmp(name, "Icmp6OutType", 12)) { - strsep(&vals, "e"); -- icmp6msgstat->vals[atoi(vals)].OutType = stats; -+ type = atoi(vals); -+ if ( type < 0 || type > 255 ) -+ continue; -+ icmp6msgstat->vals[type].OutType = stats; - *support = 1; - continue; - } else if (0 == strncmp(name, "Icmp6InType", 11)) { - strsep(&vals, "e"); -- icmp6msgstat->vals[atoi(vals)].InType = stats; -+ type = atoi(vals); -+ if ( type < 0 || type > 255 ) -+ continue; -+ icmp6msgstat->vals[type].OutType = stats; - *support = 1; - continue; - } -diff -urpN a/agent/mibgroup/mibII/kernel_linux.h b/agent/mibgroup/mibII/kernel_linux.h ---- a/agent/mibgroup/mibII/kernel_linux.h -+++ b/agent/mibgroup/mibII/kernel_linux.h -@@ -121,11 +121,11 @@ struct icmp_msg_mib { - - /* Lets use wrapper structures for future expansion */ - struct icmp4_msg_mib { -- struct icmp_msg_mib vals[255]; -+ struct icmp_msg_mib vals[256]; - }; - - struct icmp6_msg_mib { -- struct icmp_msg_mib vals[255]; -+ struct icmp_msg_mib vals[256]; - }; - - struct udp_mib { diff --git a/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2285.patch b/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2285.patch deleted file mode 100644 index 8267eeb75d..0000000000 --- a/meta-networking/recipes-protocols/net-snmp/files/net-snmp-5.7.2-fix-CVE-2014-2285.patch +++ /dev/null @@ -1,26 +0,0 @@ ---- a/perl/TrapReceiver/TrapReceiver.xs -+++ b/perl/TrapReceiver/TrapReceiver.xs -@@ -81,18 +81,18 @@ int perl_trapd_handler( netsnmp_pdu - STOREPDUi("securitymodel", pdu->securityModel); - STOREPDUi("securitylevel", pdu->securityLevel); - STOREPDU("contextName", -- newSVpv(pdu->contextName, pdu->contextNameLen)); -+ newSVpv(pdu->contextName ? pdu->contextName : "", pdu->contextNameLen)); - STOREPDU("contextEngineID", -- newSVpv((char *) pdu->contextEngineID, -+ newSVpv(pdu->contextEngineID ? (char *) pdu->contextEngineID : "", - pdu->contextEngineIDLen)); - STOREPDU("securityEngineID", -- newSVpv((char *) pdu->securityEngineID, -+ newSVpv(pdu->securityEngineID ? (char *) pdu->securityEngineID : "", - pdu->securityEngineIDLen)); - STOREPDU("securityName", -- newSVpv((char *) pdu->securityName, pdu->securityNameLen)); -+ newSVpv(pdu->securityName ? (char *) pdu->securityName : "", pdu->securityNameLen)); - } else { - STOREPDU("community", -- newSVpv((char *) pdu->community, pdu->community_len)); -+ newSVpv(pdu->community ? (char *) pdu->community : "", pdu->community_len)); - } - - if (transport && transport->f_fmtaddr) { diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.1.bb b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.1.bb new file mode 100644 index 0000000000..eb97748306 --- /dev/null +++ b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.1.bb @@ -0,0 +1,129 @@ +SUMMARY = "Various tools relating to the Simple Network Management Protocol" +HOMEPAGE = "http://www.net-snmp.org/" +LICENSE = "BSD" + +LIC_FILES_CHKSUM = "file://README;beginline=3;endline=8;md5=7f7f00ba639ac8e8deb5a622ea24634e" + +DEPENDS = "openssl libnl pciutils" + +SRC_URI = "${SOURCEFORGE_MIRROR}/net-snmp/net-snmp-${PV}.zip \ + file://init \ + file://snmpd.conf \ + file://snmptrapd.conf \ + file://systemd-support.patch \ + file://snmpd.service \ + file://snmptrapd.service \ + file://ifmib.patch \ +" + +SRC_URI[md5sum] = "a2c83518648b0f2a5d378625e45c0e18" +SRC_URI[sha256sum] = "ac9105539971f7cfb1456a86d479e18e8a8b3712212595ad40504347ba5843da" + +inherit autotools update-rc.d siteinfo systemd + +EXTRA_OEMAKE = "INSTALL_PREFIX=${D}" + +PARALLEL_MAKE = "" +CCACHE = "" + +TARGET_CC_ARCH += "${LDFLAGS}" + +EXTRA_OECONF = "--disable-embedded-perl \ + --with-perl-modules=no \ + --enable-shared \ + --disable-manuals \ + --with-defaults \ + ${@base_conditional('SITEINFO_ENDIANNESS', 'le', '--with-endianness=little', '--with-endianness=big', d)}" + +do_configure_prepend() { + export PERLPROG="${bindir}/env perl" +} + +do_install_append() { + install -d ${D}${sysconfdir}/snmp + install -d ${D}${sysconfdir}/init.d + install -m 755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/snmpd + install -m 644 ${WORKDIR}/snmpd.conf ${D}${sysconfdir}/snmp/ + install -m 644 ${WORKDIR}/snmptrapd.conf ${D}${sysconfdir}/snmp/ + sed -e "s@-I/usr/include@@g" \ + -e "s@^prefix=.*@prefix=${STAGING_DIR_HOST}@g" \ + -e "s@^exec_prefix=.*@exec_prefix=${STAGING_DIR_HOST}@g" \ + -e "s@^includedir=.*@includedir=${STAGING_INCDIR}@g" \ + -e "s@^libdir=.*@libdir=${STAGING_LIBDIR}@g" \ + -i ${D}${bindir}/net-snmp-config + install -d ${D}${systemd_unitdir}/system + install -m 0644 ${WORKDIR}/snmpd.service ${D}${systemd_unitdir}/system + install -m 0644 ${WORKDIR}/snmptrapd.service ${D}${systemd_unitdir}/system +} + +SYSROOT_PREPROCESS_FUNCS += "net_snmp_sysroot_preprocess" + +net_snmp_sysroot_preprocess () { + if [ -e ${D}${bindir}/net-snmp-config ]; then + install -d ${SYSROOT_DESTDIR}${bindir_crossscripts}/ + install -m 755 ${D}${bindir}/net-snmp-config ${SYSROOT_DESTDIR}${bindir_crossscripts}/ + fi +} + +PACKAGES = "${PN}-dbg ${PN}-doc ${PN}-dev ${PN}-staticdev ${PN}-static ${PN}-libs \ + ${PN}-mibs ${PN}-server ${PN}-client ${PN}-server-snmpd ${PN}-server-snmptrapd" + +ALLOW_EMPTY_${PN}-server = "1" + +FILES_${PN}-libs = "${libdir}/lib*${SOLIBS}" +FILES_${PN}-mibs = "${datadir}/snmp/mibs" +FILES_${PN}-server-snmpd = "${sbindir}/snmpd \ + ${sysconfdir}/snmp/snmpd.conf \ + ${sysconfdir}/init.d \ + ${systemd_unitdir}/system/snmpd.service \ +" + +FILES_${PN}-server-snmptrapd = "${sbindir}/snmptrapd \ + ${sysconfdir}/snmp/snmptrapd.conf \ + ${systemd_unitdir}/system/snmptrapd.service \ +" + +FILES_${PN}-client = "${bindir}/* ${datadir}/snmp/" +FILES_${PN}-dbg += "${libdir}/.debug/ ${sbindir}/.debug/ ${bindir}/.debug/" +FILES_${PN}-dev += "${bindir}/net-snmp-config ${bindir}/mib2c ${bindir}/mib2c-update" + +CONFFILES_${PN}-server-snmpd = "${sysconfdir}/snmp/snmpd.conf" +CONFFILES_${PN}-server-snmptrapd = "${sysconfdir}/snmp/snmptrapd.conf" + +INITSCRIPT_PACKAGES = "${PN}-server" +INITSCRIPT_NAME_${PN}-server = "snmpd" +INITSCRIPT_PARAMS_${PN}-server = "defaults" + +EXTRA_OECONF += "${@base_contains('DISTRO_FEATURES', 'systemd', '--with-systemd', '--without-systemd', d)}" + +SYSTEMD_PACKAGES = "${PN}-server-snmpd \ + ${PN}-server-snmptrapd" + +SYSTEMD_SERVICE_${PN}-server-snmpd = "snmpd.service" +SYSTEMD_SERVICE_${PN}-server-snmptrapd = "snmptrapd.service" + +RDEPENDS_${PN}-server-snmpd += "net-snmp-mibs" +RDEPENDS_${PN}-server-snmptrapd += "net-snmp-server-snmpd" +RDEPENDS_${PN}-server += "net-snmp-server-snmpd net-snmp-server-snmptrapd" +RDEPENDS_${PN}-client += "net-snmp-mibs" +RDEPENDS_${PN}-dev = "net-snmp-client (= ${EXTENDPKGV}) net-snmp-server (= ${EXTENDPKGV})" +RRECOMMENDS_${PN}-dbg = "net-snmp-client (= ${EXTENDPKGV}) net-snmp-server (= ${EXTENDPKGV})" + +RPROVIDES_${PN}-server-snmpd += "${PN}-server-snmpd-systemd" +RREPLACES_${PN}-server-snmpd += "${PN}-server-snmpd-systemd" +RCONFLICTS_${PN}-server-snmpd += "${PN}-server-snmpd-systemd" + +RPROVIDES_${PN}-server-snmptrapd += "${PN}-server-snmptrapd-systemd" +RREPLACES_${PN}-server-snmptrapd += "${PN}-server-snmptrapd-systemd" +RCONFLICTS_${PN}-server-snmptrapd += "${PN}-server-snmptrapd-systemd" + +LEAD_SONAME = "libnetsnmp.so" + +pkg_postrm_${PN}-server() { + if test "x$D" != "x"; then + OPT="-r $D " + else + OPT="" + /etc/init.d/snmpd stop + fi +} diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.bb b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.bb deleted file mode 100644 index f1e3a5d349..0000000000 --- a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.bb +++ /dev/null @@ -1,133 +0,0 @@ -SUMMARY = "Various tools relating to the Simple Network Management Protocol" -HOMEPAGE = "http://www.net-snmp.org/" -LICENSE = "BSD" - -LIC_FILES_CHKSUM = "file://README;beginline=3;endline=8;md5=7f7f00ba639ac8e8deb5a622ea24634e" - -DEPENDS = "openssl libnl pciutils" - -PR = "r1" - -SRC_URI = "${SOURCEFORGE_MIRROR}/net-snmp/net-snmp-${PV}.tar.gz \ - file://init \ - file://snmpd.conf \ - file://snmptrapd.conf \ - file://systemd-support.patch \ - file://snmpd.service \ - file://snmptrapd.service \ - file://ifmib.patch \ - file://net-snmp-5.7.2-fix-CVE-2014-2284.patch \ - file://net-snmp-5.7.2-fix-CVE-2014-2285.patch \ -" - -SRC_URI[md5sum] = "5bddd02e2f82b62daa79f82717737a14" -SRC_URI[sha256sum] = "09ed31b4cc1f3c0411ef9a16eff79ef3b30d89c32ca46d5a01a41826c4ceb816" - -inherit autotools update-rc.d siteinfo systemd - -EXTRA_OEMAKE = "INSTALL_PREFIX=${D}" - -PARALLEL_MAKE = "" -CCACHE = "" - -TARGET_CC_ARCH += "${LDFLAGS}" - -EXTRA_OECONF = "--disable-embedded-perl \ - --with-perl-modules=no \ - --enable-shared \ - --disable-manuals \ - --with-defaults \ - ${@base_conditional('SITEINFO_ENDIANNESS', 'le', '--with-endianness=little', '--with-endianness=big', d)}" - -do_configure_prepend() { - export PERLPROG="${bindir}/env perl" -} - -do_install_append() { - install -d ${D}${sysconfdir}/snmp - install -d ${D}${sysconfdir}/init.d - install -m 755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/snmpd - install -m 644 ${WORKDIR}/snmpd.conf ${D}${sysconfdir}/snmp/ - install -m 644 ${WORKDIR}/snmptrapd.conf ${D}${sysconfdir}/snmp/ - sed -e "s@-I/usr/include@@g" \ - -e "s@^prefix=.*@prefix=${STAGING_DIR_HOST}@g" \ - -e "s@^exec_prefix=.*@exec_prefix=${STAGING_DIR_HOST}@g" \ - -e "s@^includedir=.*@includedir=${STAGING_INCDIR}@g" \ - -e "s@^libdir=.*@libdir=${STAGING_LIBDIR}@g" \ - -i ${D}${bindir}/net-snmp-config - install -d ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/snmpd.service ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/snmptrapd.service ${D}${systemd_unitdir}/system -} - -SYSROOT_PREPROCESS_FUNCS += "net_snmp_sysroot_preprocess" - -net_snmp_sysroot_preprocess () { - if [ -e ${D}${bindir}/net-snmp-config ]; then - install -d ${SYSROOT_DESTDIR}${bindir_crossscripts}/ - install -m 755 ${D}${bindir}/net-snmp-config ${SYSROOT_DESTDIR}${bindir_crossscripts}/ - fi -} - -PACKAGES = "${PN}-dbg ${PN}-doc ${PN}-dev ${PN}-staticdev ${PN}-static ${PN}-libs \ - ${PN}-mibs ${PN}-server ${PN}-client ${PN}-server-snmpd ${PN}-server-snmptrapd" - -ALLOW_EMPTY_${PN}-server = "1" - -FILES_${PN}-libs = "${libdir}/lib*${SOLIBS}" -FILES_${PN}-mibs = "${datadir}/snmp/mibs" -FILES_${PN}-server-snmpd = "${sbindir}/snmpd \ - ${sysconfdir}/snmp/snmpd.conf \ - ${sysconfdir}/init.d \ - ${systemd_unitdir}/system/snmpd.service \ -" - -FILES_${PN}-server-snmptrapd = "${sbindir}/snmptrapd \ - ${sysconfdir}/snmp/snmptrapd.conf \ - ${systemd_unitdir}/system/snmptrapd.service \ -" - -FILES_${PN}-client = "${bindir}/* ${datadir}/snmp/" -FILES_${PN}-dbg += "${libdir}/.debug/ ${sbindir}/.debug/ ${bindir}/.debug/" -FILES_${PN}-dev += "${bindir}/net-snmp-config ${bindir}/mib2c ${bindir}/mib2c-update" - -CONFFILES_${PN}-server-snmpd = "${sysconfdir}/snmp/snmpd.conf" -CONFFILES_${PN}-server-snmptrapd = "${sysconfdir}/snmp/snmptrapd.conf" - -INITSCRIPT_PACKAGES = "${PN}-server" -INITSCRIPT_NAME_${PN}-server = "snmpd" -INITSCRIPT_PARAMS_${PN}-server = "defaults" - -EXTRA_OECONF += "${@base_contains('DISTRO_FEATURES', 'systemd', '--with-systemd', '--without-systemd', d)}" - -SYSTEMD_PACKAGES = "${PN}-server-snmpd \ - ${PN}-server-snmptrapd" - -SYSTEMD_SERVICE_${PN}-server-snmpd = "snmpd.service" -SYSTEMD_SERVICE_${PN}-server-snmptrapd = "snmptrapd.service" - -RDEPENDS_${PN}-server-snmpd += "net-snmp-mibs" -RDEPENDS_${PN}-server-snmptrapd += "net-snmp-server-snmpd" -RDEPENDS_${PN}-server += "net-snmp-server-snmpd net-snmp-server-snmptrapd" -RDEPENDS_${PN}-client += "net-snmp-mibs" -RDEPENDS_${PN}-dev = "net-snmp-client (= ${EXTENDPKGV}) net-snmp-server (= ${EXTENDPKGV})" -RRECOMMENDS_${PN}-dbg = "net-snmp-client (= ${EXTENDPKGV}) net-snmp-server (= ${EXTENDPKGV})" - -RPROVIDES_${PN}-server-snmpd += "${PN}-server-snmpd-systemd" -RREPLACES_${PN}-server-snmpd += "${PN}-server-snmpd-systemd" -RCONFLICTS_${PN}-server-snmpd += "${PN}-server-snmpd-systemd" - -RPROVIDES_${PN}-server-snmptrapd += "${PN}-server-snmptrapd-systemd" -RREPLACES_${PN}-server-snmptrapd += "${PN}-server-snmptrapd-systemd" -RCONFLICTS_${PN}-server-snmptrapd += "${PN}-server-snmptrapd-systemd" - -LEAD_SONAME = "libnetsnmp.so" - -pkg_postrm_${PN}-server() { - if test "x$D" != "x"; then - OPT="-r $D " - else - OPT="" - /etc/init.d/snmpd stop - fi -} -- cgit 1.2.3-korg