Received: by mail.netbsd.org (Postfix, from userid 605) id 1330D84DDE; Thu, 14 Feb 2019 13:04:39 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 9091784DDC for ; Thu, 14 Feb 2019 13:04:38 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([IPv6:::1]) by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025) with ESMTP id UaN-Q11HB-7U for ; Thu, 14 Feb 2019 13:04:37 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id 6544884C2B for ; Thu, 14 Feb 2019 13:04:37 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id 5A10BFB16; Thu, 14 Feb 2019 13:04:37 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_155014947714780" MIME-Version: 1.0 Date: Thu, 14 Feb 2019 13:04:37 +0000 From: "Adam Ciarcinski" Subject: CVS commit: pkgsrc/net/zeromq To: pkgsrc-changes@NetBSD.org Reply-To: adam@netbsd.org X-Mailer: log_accum Message-Id: <20190214130437.5A10BFB16@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_155014947714780 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: adam Date: Thu Feb 14 13:04:37 UTC 2019 Modified Files: pkgsrc/net/zeromq: Makefile PLIST distinfo pkgsrc/net/zeromq/patches: patch-configure patch-src_tcp__listener.cpp Log Message: zeromq: updated to 4.3.1 0MQ version 4.3.1 stable: * CVE-2019-6250: A vulnerability has been found that would allow attackers to direct a peer to jump to and execute from an address indicated by the attacker. This issue has been present since v4.2.0. Older releases are not affected. NOTE: The attacker needs to know in advance valid addresses in the peer's memory to jump to, so measures like ASLR are effective mitigations. NOTE: this attack can only take place after authentication, so peers behind CURVE/GSSAPI are not vulnerable to unauthenticated attackers. See https://github.com/zeromq/libzmq/issues/3351 for more details. Thanks to Guido Vranken for uncovering the issue and providing the fix! * Note for packagers: as pkg-config's Requires.private is now used to properly propagate dependencies for static builds, the libzmq*-dev or zeromq-devel or equivalent package should now depend on the libfoo-dev or foo-devel packages of all the libraries that zmq is linked against, or pkg-config --libs libzmq will fail due to missing dependencies on end users machines. 0MQ version 4.3.0 stable: * The following DRAFT APIs have been marked as STABLE and will not change anymore: - ZMQ_MSG_T_SIZE context option (see doc/zmq_ctx_get.txt) - ZMQ_THREAD_AFFINITY_CPU_ADD and ZMQ_THREAD_AFFINITY_CPU_REMOVE (Posix only) context options, to add/remove CPUs to the affinity set of the I/O threads. See doc/zmq_ctx_set.txt and doc/zmq_ctx_get.txt for details. - ZMQ_THREAD_NAME_PREFIX (Posix only) context option, to add a specific integer prefix to the background threads names, to easily identify them. See doc/zmq_ctx_set.txt and doc/zmq_ctx_get.txt for details. - ZMQ_GSSAPI_PRINCIPAL_NAMETYPE and ZMQ_GSSAPI_SERVICE_PRINCIPAL_NAMETYPE socket options, for the corresponding GSSAPI features. Additional definitions for principal name types: - ZMQ_GSSAPI_NT_HOSTBASED - ZMQ_GSSAPI_NT_USER_NAME - ZMQ_GSSAPI_NT_KRB5_PRINCIPAL See doc/zmq_gssapi.txt for details. - ZMQ_BINDTODEVICE socket option (Linux only), which will bind the socket(s) to the specified interface. Allows to use Linux VRF, see: https://www.kernel.org/doc/Documentation/networking/vrf.txt NOTE: requires the program to be ran as root OR with CAP_NET_RAW - zmq_timers_* APIs. These functions can be used for cross-platforms timed callbacks. See doc/zmq_timers.txt for details. - The following socket monitor events: - ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL: unknown errors during handshake. - ZMQ_EVENT_HANDSHAKE_SUCCEEDED: Handshake completed with authentication. - ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL: Protocol errors with peers or ZAP. - ZMQ_EVENT_HANDSHAKE_FAILED_AUTH: Failed authentication requests. See doc/zmq_socket_monitor.txt for more details and error codes. - zmq_stopwatch_intermediate which returns the time elapsed without stopping the stopwatch. - zmq_proxy_steerable command 'STATISTICS' to retrieve stats about the amount of messages and bytes sent and received by the proxy. See doc/zmq_proxy_steerable.txt for more information. * The build-time configuration option to select the poller has been split, and new API_POLLER (CMake) and --with-api-poller (autoconf) options will now determine what system call is used to implement the zmq_poll/zmq_poller APIs. The previous POLLER and --with-poller options now only affects the internal I/O thread. In case API_POLLER is not specified, the behaviour keeps backward compatibility intact and will be the same as with previous releases. * The non-default "poll" poller for the internal I/O thread (note: NOT for the zmq_poll/zmq_poller user APIs!) has been disabled on Windows as WSAPoll does not report connection failures. For more information see: - https://daniel.haxx.se/blog/2012/10/10/wsapoll-is-broken/ - https://curl.haxx.se/mail/lib-2012-10/0038.html - https://bugs.python.org/issue16507 * New epoll implementation for Windows, using the following implementation: https://github.com/piscisaureus/wepoll/tree/v1.5.4 To use this, select "epoll" as the poller option in the build system. Note for distributors: the wepoll source code is embedded and distributed. It is licensed under the BSD-2-Clause and thus it is compatible with LGPL-3.0. Note that, if selected at build time, the license text must be distributed with the binary in accordance to the license terms. A copy can be found at: external/wepoll/license.txt * The pre-made Visual Studio solutions file are deprecated, and users are encouraged to use the CMake solution generation feature instead. * New DRAFT (see NEWS for 4.2.0) socket options: - ZMQ_ROUTER_NOTIFY to deliver a notification when a peer connects and/or disconnects in the form of a routing id plus a zero-length frame. - ZMQ_MULTICAST_LOOP to control whether the data sent should be looped back on local listening sockets for UDP multicast sockets (ZMQ_RADIO). See doc/zmq_setsockopt.txt and doc/zmq_getsockopt.txt for details. * New perf tool, perf/benchmark_radix_tree, to measure the performance of the different internal implementations of the trie algorithm used to track subscriptions. Requires a compiler that supports C++11. * New autoconf flag "--enable-force-CXX98-compat" which will force -std=gnu++98 and, if the compiler supports them (clang++ at the moment), it will also add -Wc++98-compat -Wc++98-compat-pedantic so that compatibility with C++98 can be tested. * Many, many coding style, duplication and static analysis improvements. * Many, many improvements to the CMake build system, especially on Windows. * Many, many improvements to unit tests. To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 pkgsrc/net/zeromq/Makefile cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/zeromq/PLIST cvs rdiff -u -r1.27 -r1.28 pkgsrc/net/zeromq/distinfo cvs rdiff -u -r1.6 -r1.7 pkgsrc/net/zeromq/patches/patch-configure cvs rdiff -u -r1.3 -r1.4 \ pkgsrc/net/zeromq/patches/patch-src_tcp__listener.cpp Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_155014947714780 Content-Disposition: inline Content-Length: 6958 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/net/zeromq/Makefile diff -u pkgsrc/net/zeromq/Makefile:1.29 pkgsrc/net/zeromq/Makefile:1.30 --- pkgsrc/net/zeromq/Makefile:1.29 Sat Jul 14 18:19:16 2018 +++ pkgsrc/net/zeromq/Makefile Thu Feb 14 13:04:37 2019 @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.29 2018/07/14 18:19:16 adam Exp $ +# $NetBSD: Makefile,v 1.30 2019/02/14 13:04:37 adam Exp $ -DISTNAME= zeromq-4.2.5 +DISTNAME= zeromq-4.3.1 CATEGORIES= net devel MASTER_SITES= ${MASTER_SITE_GITHUB:=zeromq/} GITHUB_PROJECT= libzmq Index: pkgsrc/net/zeromq/PLIST diff -u pkgsrc/net/zeromq/PLIST:1.8 pkgsrc/net/zeromq/PLIST:1.9 --- pkgsrc/net/zeromq/PLIST:1.8 Sat Jan 13 18:22:42 2018 +++ pkgsrc/net/zeromq/PLIST Thu Feb 14 13:04:37 2019 @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.8 2018/01/13 18:22:42 adam Exp $ +@comment $NetBSD: PLIST,v 1.9 2019/02/14 13:04:37 adam Exp $ bin/curve_keygen include/zmq.h include/zmq_utils.h @@ -41,6 +41,7 @@ man/man3/zmq_msg_set.3 man/man3/zmq_msg_set_routing_id.3 man/man3/zmq_msg_size.3 man/man3/zmq_poll.3 +man/man3/zmq_poller.3 man/man3/zmq_proxy.3 man/man3/zmq_proxy_steerable.3 man/man3/zmq_recv.3 @@ -52,6 +53,7 @@ man/man3/zmq_setsockopt.3 man/man3/zmq_socket.3 man/man3/zmq_socket_monitor.3 man/man3/zmq_strerror.3 +man/man3/zmq_timers.3 man/man3/zmq_unbind.3 man/man3/zmq_version.3 man/man3/zmq_z85_decode.3 Index: pkgsrc/net/zeromq/distinfo diff -u pkgsrc/net/zeromq/distinfo:1.27 pkgsrc/net/zeromq/distinfo:1.28 --- pkgsrc/net/zeromq/distinfo:1.27 Sat Jul 14 18:19:16 2018 +++ pkgsrc/net/zeromq/distinfo Thu Feb 14 13:04:37 2019 @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.27 2018/07/14 18:19:16 adam Exp $ +$NetBSD: distinfo,v 1.28 2019/02/14 13:04:37 adam Exp $ -SHA1 (zeromq-4.2.5.tar.gz) = 1132f839d703486c4ee1cf22f056585dfbb329c2 -RMD160 (zeromq-4.2.5.tar.gz) = 3b1348e904f2055becc833a9c7b3a12a455e5443 -SHA512 (zeromq-4.2.5.tar.gz) = 4556cb50d05a6d133015a0ba804d6d951a47479a33fa29561eaeecb93d48b7bb6477365d0986c38b779f500cadaf08522c4a7aa13f5510303bd923f794d37036 -Size (zeromq-4.2.5.tar.gz) = 1409447 bytes -SHA1 (patch-configure) = c6b5ab95dc022525b8af92756c5c1ee9dc3656e0 +SHA1 (zeromq-4.3.1.tar.gz) = 6cce22d830eaf95feff7cab00744df13ad7ab7f3 +RMD160 (zeromq-4.3.1.tar.gz) = 43e14ed3c0ca6f7de39cbc74f206e700bb469c39 +SHA512 (zeromq-4.3.1.tar.gz) = b80388a3703993425cdd73054139a8e2895aedb9992ea68d6eadb4ea39b9af576ea14f306dfb432e4c24535feb6b293f82fac5679b655d258f0f921f2b71e772 +Size (zeromq-4.3.1.tar.gz) = 1490122 bytes +SHA1 (patch-configure) = b0e3d865b3eddf93461aff6674a64c7cc9fc1f01 SHA1 (patch-src_ipc__listener.cpp) = fdaa86b9c13b5c3f7e9dff3934085a4138fac279 -SHA1 (patch-src_tcp__listener.cpp) = d91f06b69a650f74084bb4a0106d7fc0a8387107 +SHA1 (patch-src_tcp__listener.cpp) = e09f1df0f1c117a317a8a731404daf84f2996700 Index: pkgsrc/net/zeromq/patches/patch-configure diff -u pkgsrc/net/zeromq/patches/patch-configure:1.6 pkgsrc/net/zeromq/patches/patch-configure:1.7 --- pkgsrc/net/zeromq/patches/patch-configure:1.6 Sat Jan 13 18:22:42 2018 +++ pkgsrc/net/zeromq/patches/patch-configure Thu Feb 14 13:04:37 2019 @@ -1,10 +1,10 @@ -$NetBSD: patch-configure,v 1.6 2018/01/13 18:22:42 adam Exp $ +$NetBSD: patch-configure,v 1.7 2019/02/14 13:04:37 adam Exp $ Portability fixes. ---- configure.orig 2017-12-13 13:37:25.000000000 +0000 +--- configure.orig 2019-01-12 16:18:01.000000000 +0000 +++ configure -@@ -19007,7 +19007,7 @@ if test "${enable_address_sanitizer+set} +@@ -19450,7 +19450,7 @@ if test "${enable_address_sanitizer+set} fi @@ -13,7 +13,7 @@ Portability fixes. CFLAGS="${CFLAGS} -fsanitize=address" CXXFLAGS="${CXXFLAGS} -fsanitize=address" -@@ -20448,12 +20448,12 @@ if test "${with_poller+set}" = set; then +@@ -20853,12 +20853,12 @@ if test "${with_api_poller+set}" = set; fi @@ -28,3 +28,37 @@ Portability fixes. # We search for pollers in this order pollers="kqueue epoll devpoll pollset poll select" fi +@@ -21297,13 +21297,13 @@ $as_echo "#define ZMQ_IOTHREAD_POLLER_US + if test $poller_found -eq 0; then + as_fn_error $? "None of '$pollers' are valid pollers on this platform" "$LINENO" 5 + fi +- if test "x$with_api_poller" == "x"; then ++ if test "x$with_api_poller" = "x"; then + with_api_poller=auto + fi +- if test "x$with_api_poller" == "xauto"; then +- if test $poller == "select"; then ++ if test "x$with_api_poller" = "xauto"; then ++ if test $poller = "select"; then + api_poller=select +- elif test $poller == "wepoll"; then ++ elif test $poller = "wepoll"; then + api_poller=select + else + api_poller=poll +@@ -21311,13 +21311,13 @@ $as_echo "#define ZMQ_IOTHREAD_POLLER_US + else + api_poller=$with_api_poller + fi +- if test "$api_poller" == "select"; then ++ if test "$api_poller" = "select"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: Using 'select' zmq_poll(er)_* API polling system" >&5 + $as_echo "$as_me: Using 'select' zmq_poll(er)_* API polling system" >&6;} + + $as_echo "#define ZMQ_POLL_BASED_ON_SELECT 1" >>confdefs.h + +- elif test "$api_poller" == "poll"; then ++ elif test "$api_poller" = "poll"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: Using 'poll' zmq_poll(er)_* API polling system" >&5 + $as_echo "$as_me: Using 'poll' zmq_poll(er)_* API polling system" >&6;} + Index: pkgsrc/net/zeromq/patches/patch-src_tcp__listener.cpp diff -u pkgsrc/net/zeromq/patches/patch-src_tcp__listener.cpp:1.3 pkgsrc/net/zeromq/patches/patch-src_tcp__listener.cpp:1.4 --- pkgsrc/net/zeromq/patches/patch-src_tcp__listener.cpp:1.3 Sat Jan 13 18:22:42 2018 +++ pkgsrc/net/zeromq/patches/patch-src_tcp__listener.cpp Thu Feb 14 13:04:37 2019 @@ -1,18 +1,20 @@ -$NetBSD: patch-src_tcp__listener.cpp,v 1.3 2018/01/13 18:22:42 adam Exp $ +$NetBSD: patch-src_tcp__listener.cpp,v 1.4 2019/02/14 13:04:37 adam Exp $ NetBSD<8 has SOCK_CLOEXEC, but uses it with paccept, not accept4 ---- src/tcp_listener.cpp.orig 2017-12-13 13:37:08.000000000 +0000 +--- src/tcp_listener.cpp.orig 2019-01-12 16:17:39.000000000 +0000 +++ src/tcp_listener.cpp -@@ -282,7 +282,11 @@ zmq::fd_t zmq::tcp_listener_t::accept () +@@ -291,8 +291,13 @@ zmq::fd_t zmq::tcp_listener_t::accept () socklen_t ss_len = sizeof (ss); #endif #if defined ZMQ_HAVE_SOCK_CLOEXEC && defined HAVE_ACCEPT4 +#if defined(__NetBSD__) -+ fd_t sock = ::paccept (s, (struct sockaddr *) &ss, &ss_len, NULL, SOCK_CLOEXEC); ++ fd_t sock = ::paccept (_s, reinterpret_cast (&ss), ++ &ss_len, NULL, SOCK_CLOEXEC); +#else - fd_t sock = ::accept4 (s, (struct sockaddr *) &ss, &ss_len, SOCK_CLOEXEC); + fd_t sock = ::accept4 (_s, reinterpret_cast (&ss), + &ss_len, SOCK_CLOEXEC); +#endif #else - fd_t sock = ::accept (s, (struct sockaddr *) &ss, &ss_len); - #endif + fd_t sock = + ::accept (_s, reinterpret_cast (&ss), &ss_len); --_----------=_155014947714780--