Fix a small problem by precious webrick security fix from Ruby's repositry (r26281). Also use COMPILER_RPATH_FLAG in Makefile. Bump PKGREVISION.diff -r1.53 -r1.54 pkgsrc/lang/ruby18-base/Makefile
(taca)
| @@ -1,21 +1,21 @@ | @@ -1,21 +1,21 @@ | |||
| 1 | # $NetBSD: Makefile,v 1.53 2010/01/10 15:33:28 taca Exp $ | 1 | # $NetBSD: Makefile,v 1.54 2010/01/14 15:07:28 taca Exp $ | |
| 2 | # | 2 | # | |
| 3 | 3 | |||
| 4 | DISTNAME= ${RUBY_DISTNAME} | 4 | DISTNAME= ${RUBY_DISTNAME} | |
| 5 | PKGNAME= ${RUBY_PKGPREFIX}-base-${RUBY_VERSION_SUFFIX} | 5 | PKGNAME= ${RUBY_PKGPREFIX}-base-${RUBY_VERSION_SUFFIX} | |
| 6 | CATEGORIES= lang ruby | 6 | CATEGORIES= lang ruby | |
| 7 | MASTER_SITES= ${MASTER_SITE_RUBY} | 7 | MASTER_SITES= ${MASTER_SITE_RUBY} | |
| 8 | PKGREVISION= 3 | 8 | PKGREVISION= 4 | |
| 9 | 9 | |||
| 10 | MAINTAINER= taca@NetBSD.org | 10 | MAINTAINER= taca@NetBSD.org | |
| 11 | HOMEPAGE= ${RUBY_HOMEPAGE} | 11 | HOMEPAGE= ${RUBY_HOMEPAGE} | |
| 12 | COMMENT= Ruby 1.8 based release minimum package | 12 | COMMENT= Ruby 1.8 based release minimum package | |
| 13 | 13 | |||
| 14 | RUBY_VERSION= ${RUBY18_VERSION} | 14 | RUBY_VERSION= ${RUBY18_VERSION} | |
| 15 | 15 | |||
| 16 | CONFLICTS= ${RUBY_PKGPREFIX}-dbm-[0-9]* \ | 16 | CONFLICTS= ${RUBY_PKGPREFIX}-dbm-[0-9]* \ | |
| 17 | ${RUBY_PKGPREFIX}-digest-[0-9]* \ | 17 | ${RUBY_PKGPREFIX}-digest-[0-9]* \ | |
| 18 | ${RUBY_PKGPREFIX}-iconv-[0-9]* \ | 18 | ${RUBY_PKGPREFIX}-iconv-[0-9]* \ | |
| 19 | ${RUBY_PKGPREFIX}-openssl-[0-9]* \ | 19 | ${RUBY_PKGPREFIX}-openssl-[0-9]* \ | |
| 20 | ${RUBY_PKGPREFIX}-tcltk-[0-9]* | 20 | ${RUBY_PKGPREFIX}-tcltk-[0-9]* | |
| 21 | 21 | |||
| @@ -25,27 +25,27 @@ USE_LANGUAGES= c | @@ -25,27 +25,27 @@ USE_LANGUAGES= c | |||
| 25 | USE_TOOLS+= pax yacc | 25 | USE_TOOLS+= pax yacc | |
| 26 | GNU_CONFIGURE= yes | 26 | GNU_CONFIGURE= yes | |
| 27 | TEST_TARGET= test | 27 | TEST_TARGET= test | |
| 28 | CONFIGURE_ARGS+= --enable-shared \ | 28 | CONFIGURE_ARGS+= --enable-shared \ | |
| 29 | --with-ssl-include="${BUILDLINK_PREFIX.openssl}/include" \ | 29 | --with-ssl-include="${BUILDLINK_PREFIX.openssl}/include" \ | |
| 30 | --with-ssl-lib="${BUILDLINK_PREFIX.openssl}/lib" | 30 | --with-ssl-lib="${BUILDLINK_PREFIX.openssl}/lib" | |
| 31 | CONFIGURE_ENV+= PREFIX=${PREFIX} | 31 | CONFIGURE_ENV+= PREFIX=${PREFIX} | |
| 32 | WRKSRC= ${RUBY_WRKSRC} | 32 | WRKSRC= ${RUBY_WRKSRC} | |
| 33 | 33 | |||
| 34 | .include "../../mk/compiler.mk" | 34 | .include "../../mk/compiler.mk" | |
| 35 | 35 | |||
| 36 | .if !empty(PKGSRC_COMPILER:Msunpro) | 36 | .if !empty(PKGSRC_COMPILER:Msunpro) | |
| 37 | LIBS.SunOS+= -B static -lsunmath -B dynamic -lm | 37 | LIBS.SunOS+= -B static -lsunmath -B dynamic -lm | |
| 38 | LDFLAGS.SunOS+= -L${SUNWSPROBASE}/lib -Wl,-R${SUNWSPROBASE}/lib | 38 | LDFLAGS.SunOS+= -L${SUNWSPROBASE}/lib ${COMPILER_RPATH_FLAG}${SUNWSPROBASE}/lib | |
| 39 | CONFIGURE_ENV+= LDSHARED="${CC} -G" | 39 | CONFIGURE_ENV+= LDSHARED="${CC} -G" | |
| 40 | .else | 40 | .else | |
| 41 | LIBS.SunOS+= -lm | 41 | LIBS.SunOS+= -lm | |
| 42 | .endif | 42 | .endif | |
| 43 | 43 | |||
| 44 | # Ruby build process depends on config.status's content | 44 | # Ruby build process depends on config.status's content | |
| 45 | CONFIG_STATUS_OVERRIDE= # empty | 45 | CONFIG_STATUS_OVERRIDE= # empty | |
| 46 | 46 | |||
| 47 | MAKE_DIRS+= ${RUBY_SITERIDIR} | 47 | MAKE_DIRS+= ${RUBY_SITERIDIR} | |
| 48 | FILES_SUBST+= DATE=${DATE:Q} | 48 | FILES_SUBST+= DATE=${DATE:Q} | |
| 49 | 49 | |||
| 50 | .include "options.mk" | 50 | .include "options.mk" | |
| 51 | 51 |
| @@ -1,27 +1,27 @@ | @@ -1,27 +1,27 @@ | |||
| 1 | $NetBSD: distinfo,v 1.41 2010/01/10 15:33:28 taca Exp $ | 1 | $NetBSD: distinfo,v 1.42 2010/01/14 15:07:28 taca Exp $ | |
| 2 | 2 | |||
| 3 | SHA1 (ruby-1.8.7-p174.tar.bz2) = 9e84b49ad545ad54b8e7dc3c227eaaefeb1041aa | 3 | SHA1 (ruby-1.8.7-p174.tar.bz2) = 9e84b49ad545ad54b8e7dc3c227eaaefeb1041aa | |
| 4 | RMD160 (ruby-1.8.7-p174.tar.bz2) = f854d456003af1e31d50330c88c3cb152c434249 | 4 | RMD160 (ruby-1.8.7-p174.tar.bz2) = f854d456003af1e31d50330c88c3cb152c434249 | |
| 5 | Size (ruby-1.8.7-p174.tar.bz2) = 4144807 bytes | 5 | Size (ruby-1.8.7-p174.tar.bz2) = 4144807 bytes | |
| 6 | SHA1 (patch-aa) = 88e4a338c4ca40b32f9e3748eb825769631c3e76 | 6 | SHA1 (patch-aa) = 88e4a338c4ca40b32f9e3748eb825769631c3e76 | |
| 7 | SHA1 (patch-ab) = 93a3dc95ee5e5cd6c7584240a285fa39b6f21efd | 7 | SHA1 (patch-ab) = 93a3dc95ee5e5cd6c7584240a285fa39b6f21efd | |
| 8 | SHA1 (patch-ac) = 77c3ba81bb65d13475bf7ea64328fbc35fe788bf | 8 | SHA1 (patch-ac) = 77c3ba81bb65d13475bf7ea64328fbc35fe788bf | |
| 9 | SHA1 (patch-bd) = fb1a6a6724210c2fd84464d028932e78890ad7da | 9 | SHA1 (patch-bd) = fb1a6a6724210c2fd84464d028932e78890ad7da | |
| 10 | SHA1 (patch-be) = 79cd592267068820fa2225242034819ba38aa0b1 | 10 | SHA1 (patch-be) = 79cd592267068820fa2225242034819ba38aa0b1 | |
| 11 | SHA1 (patch-dj) = 436c3c0704b878427d947b2e27e5ce0a057eebeb | 11 | SHA1 (patch-dj) = 436c3c0704b878427d947b2e27e5ce0a057eebeb | |
| 12 | SHA1 (patch-dk) = 2d436ac4089aa7d818b337de81f405fc5836c9af | 12 | SHA1 (patch-dk) = 2d436ac4089aa7d818b337de81f405fc5836c9af | |
| 13 | SHA1 (patch-dl) = 687803dc966594479467fc4b5e7bd45e767daa2b | 13 | SHA1 (patch-dl) = 687803dc966594479467fc4b5e7bd45e767daa2b | |
| 14 | SHA1 (patch-dm) = ab3063fecee241420a66d5d6f4ef8bf37440e70d | 14 | SHA1 (patch-dm) = ab3063fecee241420a66d5d6f4ef8bf37440e70d | |
| 15 | SHA1 (patch-dn) = f63e0cb7dbd86b4a2c022156fddd22c1ccdd5666 | 15 | SHA1 (patch-dn) = f63e0cb7dbd86b4a2c022156fddd22c1ccdd5666 | |
| 16 | SHA1 (patch-do) = f9eda9e784da02dff203fd47e8f1ee6871a6a9d4 | 16 | SHA1 (patch-do) = f9eda9e784da02dff203fd47e8f1ee6871a6a9d4 | |
| 17 | SHA1 (patch-dp) = 0b50909072159937c62944a38763fd18ce3181db | 17 | SHA1 (patch-dp) = 0b50909072159937c62944a38763fd18ce3181db | |
| 18 | SHA1 (patch-dq) = f5a605c49afb29b2c3963a82d844ff4cdf3a8846 | 18 | SHA1 (patch-dq) = f5a605c49afb29b2c3963a82d844ff4cdf3a8846 | |
| 19 | SHA1 (patch-dr) = e0fa1dc8674c6412d73bc4ccd2cfc8b4acad744a | 19 | SHA1 (patch-dr) = e0fa1dc8674c6412d73bc4ccd2cfc8b4acad744a | |
| 20 | SHA1 (patch-ds) = 5344a63980b88d83e279cee50398312b90d5c2da | 20 | SHA1 (patch-ds) = 5344a63980b88d83e279cee50398312b90d5c2da | |
| 21 | SHA1 (patch-dt) = 3dd34a91cbffcb8e432d926c9490372f238e7f2e | 21 | SHA1 (patch-dt) = 3dd34a91cbffcb8e432d926c9490372f238e7f2e | |
| 22 | SHA1 (patch-du) = 55f021e2eb780743e35ecf70141f7738b04f4b62 | 22 | SHA1 (patch-du) = 55f021e2eb780743e35ecf70141f7738b04f4b62 | |
| 23 | SHA1 (patch-dv) = 25e779444c16717c7aaf800ebf68988878ed636f | 23 | SHA1 (patch-dv) = 25e779444c16717c7aaf800ebf68988878ed636f | |
| 24 | SHA1 (patch-dw) = 4937ee0f2b79cfc93f378b415d1a81cbf997b8d4 | 24 | SHA1 (patch-dw) = 51ad1f521713af85be9ae192049930285e89be41 | |
| 25 | SHA1 (patch-dx) = d25267d700f997b951a65c016f45347a8b1a1517 | 25 | SHA1 (patch-dx) = d25267d700f997b951a65c016f45347a8b1a1517 | |
| 26 | SHA1 (patch-dy) = 6c2f978b1803d2939377a4904cfc71e71a3b5fea | 26 | SHA1 (patch-dy) = 7c57240a1447346c8e6f2e4e9c7104b1a7d9dbc9 | |
| 27 | SHA1 (patch-dz) = 52af1fbf17b6e6df6112d08c291215d54a25af67 | 27 | SHA1 (patch-dz) = 52af1fbf17b6e6df6112d08c291215d54a25af67 |
| @@ -1,27 +1,27 @@ | @@ -1,27 +1,27 @@ | |||
| 1 | $NetBSD: patch-dw,v 1.1 2010/01/10 15:33:28 taca Exp $ | 1 | $NetBSD: patch-dw,v 1.2 2010/01/14 15:07:28 taca Exp $ | |
| 2 | 2 | |||
| 3 | webrick security fix. | 3 | webrick security fix. | |
| 4 | 4 | |||
| 5 | http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection/ | 5 | http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection/ | |
| 6 | 6 | |||
| 7 | --- lib/webrick/accesslog.rb.orig 2007-02-12 23:01:19.000000000 +0000 | 7 | --- lib/webrick/accesslog.rb.orig 2007-02-12 23:01:19.000000000 +0000 | |
| 8 | +++ lib/webrick/accesslog.rb | 8 | +++ lib/webrick/accesslog.rb | |
| 9 | @@ -53,15 +53,23 @@ module WEBrick | 9 | @@ -53,15 +53,23 @@ module WEBrick | |
| 10 | when ?e, ?i, ?n, ?o | 10 | when ?e, ?i, ?n, ?o | |
| 11 | raise AccessLogError, | 11 | raise AccessLogError, | |
| 12 | "parameter is required for \"#{spec}\"" unless param | 12 | "parameter is required for \"#{spec}\"" unless param | |
| 13 | - params[spec][param] || "-" | 13 | - params[spec][param] || "-" | |
| 14 | + param = params[spec][param] ? escape(param) : "-" | 14 | + (param = params[spec][param]) ? escape(param) : "-" | |
| 15 | when ?t | 15 | when ?t | |
| 16 | params[spec].strftime(param || CLF_TIME_FORMAT) | 16 | params[spec].strftime(param || CLF_TIME_FORMAT) | |
| 17 | when ?% | 17 | when ?% | |
| 18 | "%" | 18 | "%" | |
| 19 | else | 19 | else | |
| 20 | - params[spec] | 20 | - params[spec] | |
| 21 | + escape(params[spec].to_s) | 21 | + escape(params[spec].to_s) | |
| 22 | end | 22 | end | |
| 23 | } | 23 | } | |
| 24 | end | 24 | end | |
| 25 | + | 25 | + | |
| 26 | + def escape(data) | 26 | + def escape(data) | |
| 27 | + if data.tainted? | 27 | + if data.tainted? |
| @@ -1,49 +1,50 @@ | @@ -1,49 +1,50 @@ | |||
| 1 | $NetBSD: patch-dy,v 1.1 2010/01/10 15:33:28 taca Exp $ | 1 | $NetBSD: patch-dy,v 1.2 2010/01/14 15:07:28 taca Exp $ | |
| 2 | 2 | |||
| 3 | webrick security fix. | 3 | webrick security fix. | |
| 4 | 4 | |||
| 5 | http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection/ | 5 | http://www.ruby-lang.org/en/news/2010/01/10/webrick-escape-sequence-injection/ | |
| 6 | 6 | |||
| 7 | --- lib/webrick/httpstatus.rb.orig 2007-02-12 23:01:19.000000000 +0000 | 7 | --- lib/webrick/httpstatus.rb.orig 2007-02-12 23:01:19.000000000 +0000 | |
| 8 | +++ lib/webrick/httpstatus.rb | 8 | +++ lib/webrick/httpstatus.rb | |
| 9 | @@ -12,7 +12,17 @@ module WEBrick | 9 | @@ -12,7 +12,18 @@ module WEBrick | |
| 10 | 10 | |||
| 11 | module HTTPStatus | 11 | module HTTPStatus | |
| 12 | 12 | |||
| 13 | - class Status < StandardError; end | 13 | - class Status < StandardError; end | |
| 14 | + class Status < StandardError | 14 | + class Status < StandardError | |
| 15 | + def initialize(message=self.class, *rest) | 15 | + def initialize(*args) | |
| 16 | + super(AccessLog.escape(message), *rest) | 16 | + args[0] = AccessLog.escape(args[0]) unless args.empty? | |
| 17 | + super(*args) | |||
| 17 | + end | 18 | + end | |
| 18 | + class << self | 19 | + class << self | |
| 19 | + attr_reader :code, :reason_phrase | 20 | + attr_reader :code, :reason_phrase | |
| 20 | + end | 21 | + end | |
| 21 | + def code() self::class::code end | 22 | + def code() self::class::code end | |
| 22 | + def reason_phrase() self::class::reason_phrase end | 23 | + def reason_phrase() self::class::reason_phrase end | |
| 23 | + alias to_i code | 24 | + alias to_i code | |
| 24 | + end | 25 | + end | |
| 25 | class Info < Status; end | 26 | class Info < Status; end | |
| 26 | class Success < Status; end | 27 | class Success < Status; end | |
| 27 | class Redirect < Status; end | 28 | class Redirect < Status; end | |
| 28 | @@ -68,6 +78,7 @@ module WEBrick | 29 | @@ -68,6 +79,7 @@ module WEBrick | |
| 29 | CodeToError = {} | 30 | CodeToError = {} | |
| 30 | 31 | |||
| 31 | StatusMessage.each{|code, message| | 32 | StatusMessage.each{|code, message| | |
| 32 | + message.freeze | 33 | + message.freeze | |
| 33 | var_name = message.gsub(/[ \-]/,'_').upcase | 34 | var_name = message.gsub(/[ \-]/,'_').upcase | |
| 34 | err_name = message.gsub(/[ \-]/,'') | 35 | err_name = message.gsub(/[ \-]/,'') | |
| 35 | 36 | |||
| 36 | @@ -79,18 +90,12 @@ module WEBrick | 37 | @@ -79,18 +91,12 @@ module WEBrick | |
| 37 | when 500...600; parent = ServerError | 38 | when 500...600; parent = ServerError | |
| 38 | end | 39 | end | |
| 39 | 40 | |||
| 40 | - eval %- | 41 | - eval %- | |
| 41 | - RC_#{var_name} = #{code} | 42 | - RC_#{var_name} = #{code} | |
| 42 | - class #{err_name} < #{parent} | 43 | - class #{err_name} < #{parent} | |
| 43 | - def self.code() RC_#{var_name} end | 44 | - def self.code() RC_#{var_name} end | |
| 44 | - def self.reason_phrase() StatusMessage[code] end | 45 | - def self.reason_phrase() StatusMessage[code] end | |
| 45 | - def code() self::class::code end | 46 | - def code() self::class::code end | |
| 46 | - def reason_phrase() self::class::reason_phrase end | 47 | - def reason_phrase() self::class::reason_phrase end | |
| 47 | - alias to_i code | 48 | - alias to_i code | |
| 48 | - end | 49 | - end | |
| 49 | - - | 50 | - - |