author | 2015-08-08 13:49:04 -0700 | |
---|---|---|
committer | 2015-08-08 17:38:18 -0700 | |
commit | 56bd759df1d0c750a065b8c845e93d5dfa6b549d (patch) | |
tree | 3f91093cdb475e565ae857f1c5a7fd339e2d781e /net-dns/rbldnsd/files | |
proj/gentoo: Initial commit
This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.
This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.
Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed
Diffstat (limited to 'net-dns/rbldnsd/files')
-rw-r--r-- | net-dns/rbldnsd/files/confd | 20 | ||||
-rw-r--r-- | net-dns/rbldnsd/files/confd-0.997a | 35 | ||||
-rw-r--r-- | net-dns/rbldnsd/files/example | 23 | ||||
-rw-r--r-- | net-dns/rbldnsd/files/initd | 20 | ||||
-rw-r--r-- | net-dns/rbldnsd/files/initd-0.997a | 25 | ||||
-rw-r--r-- | net-dns/rbldnsd/files/rbldnsd-0.996b-asneeded.patch | 11 | ||||
-rw-r--r-- | net-dns/rbldnsd/files/rbldnsd-0.997a-format-security-compile-fix.patch | 30 | ||||
-rw-r--r-- | net-dns/rbldnsd/files/rbldnsd-0.997a-robust-ipv6-test-support.patch | 329 |
8 files changed, 493 insertions, 0 deletions
diff --git a/net-dns/rbldnsd/files/confd b/net-dns/rbldnsd/files/confd
new file mode 100644
index 000000000000..ccbe1e91da0d
--- /dev/null
+++ b/net-dns/rbldnsd/files/confd
@@ -0,0 +1,20 @@
+#
+# options for rbldnsd
+#
+# for initial testing, copy example zone file to /var/db/rbldnsd
+# NOTE: make sure nothing listens on 127.0.0.1:53
+#
+# OPTIONS="-q -r /var/db/rbldnsd -b 127.0.0.1 \
+# -u rbldns -p /var/run/rbldnsd.pid \
+# rbl.example.com:ip4set:example"
+
+# check if it works by executing
+# dig @localhost 1.0.0.127.rbl.example.com. any
+# - or -
+# host -a 1.0.0.127.rbl.example.com. localhost
+
+# the result should include something like
+
+# ANSWER SECTION:
+# 1.0.0.127.rbl.example.com. 2100 IN A 127.0.0.2
+# 1.0.0.127.rbl.example.com. 2100 IN TXT "spam received, see http://rbl.example.com/lookup?127.0.0.1"
diff --git a/net-dns/rbldnsd/files/confd-0.997a b/net-dns/rbldnsd/files/confd-0.997a
new file mode 100644
index 000000000000..e7abb81fbc78
--- /dev/null
+++ b/net-dns/rbldnsd/files/confd-0.997a
@@ -0,0 +1,35 @@
+# A whitespace-separated list of addresses on which to listen. The
+# syntax is "host/port", where the port defaults to 53.
+#
+# Note that by default the rbldnsd init script does not require any
+# interfaces other than lo to be "up" (see bug #439092). So if you
+# LISTEN on a non-loopback interface, you should specify a dependency
+# on that interface using rc_need. An example is given below assuming
+# that net.lan0 provides 192.168.0.1.
+#
+# rc_need="net.lan0"
+#
+# LISTEN="127.0.0.1
+# 192.168.0.1/5353"
+#
+LISTEN="localhost"
+
+
+# A whitespace-separated list of RBL zones. For the correct syntax, please
+# see the rbldnsd(8) man page. The following $ZONES will look for
+# files named "badguys.example.com" and "spammers.example.net" (in the
+# appropriate format) under /var/db/rbldnsd, and use those same names
+# for the blacklists contained therein.
+ZONES="badguys.example.com:ip4set:badguys.example.com
+ spammers.example.net:ip4tset:spammers.example.net"
+
+
+# Add any additional options for the rbldnsd daemon below. The -a and
+# -vv below are suggested for performance/security reasons. They are
+# described in the man page.
+#
+# The rootdir (-r) and PID (-p) options are passed automatically, with
+# rootdir set to /var/db/rbldnsd (where you should put your zone
+# files). The daemon will run as the rbldns user, which was created by
+# portage.
+OPTIONS="-a -vv"
diff --git a/net-dns/rbldnsd/files/example b/net-dns/rbldnsd/files/example
new file mode 100644
index 000000000000..ab3458edd26a
--- /dev/null
+++ b/net-dns/rbldnsd/files/example
@@ -0,0 +1,23 @@
+# SOA and NS record
+$SOA 1800 rbl.example.com abuse.example.com 0 600 600 86400 600
+
+# note: NS record should have reasonably longer TTL
+$NS 86400 rbl.example.com
+
+# default value if LHS of key is omitted:
+:127.0.0.2:spam received, see http://rbl.example.com/lookup?$
+
+# a key without value: returns the default value above
+127.0.0.1
+
+# CIDR notation:
+10.200/16
+
+# without netmask, it works as well: same as 10.201/16
+10.201
+
+# whitelisting:
+!10.202.0.1
+
+# domain-based DNSBL:
+evil.example.com
diff --git a/net-dns/rbldnsd/files/initd b/net-dns/rbldnsd/files/initd
new file mode 100644
index 000000000000..29de0001f073
--- /dev/null
+++ b/net-dns/rbldnsd/files/initd
@@ -0,0 +1,20 @@
+#!/sbin/runscript
+# Copyright 1999-2002 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License, v2 or later
+
+depend() {
+ need net
+}
+
+start() {
+ ebegin "Starting rbldnsd-server"
+ start-stop-daemon --start --quiet --pidfile /var/run/rbldnsd.pid --exec /usr/sbin/rbldnsd -- ${OPTIONS}
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping rbldnsd-server"
+ start-stop-daemon --stop --quiet --pidfile /var/run/rbldnsd.pid --exec /usr/sbin/rbldnsd
+ eend $?
+}
+
diff --git a/net-dns/rbldnsd/files/initd-0.997a b/net-dns/rbldnsd/files/initd-0.997a
new file mode 100644
index 000000000000..c3ade4d15e36
--- /dev/null
+++ b/net-dns/rbldnsd/files/initd-0.997a
@@ -0,0 +1,25 @@
+#!/sbin/runscript
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+start() {
+ ebegin "Starting rbldnsd"
+
+ start-stop-daemon --start --quiet --pidfile /run/rbldnsd.pid \
+ --exec /usr/sbin/rbldnsd -- \
+ -r /var/db/rbldnsd \
+ -p /run/rbldnsd.pid \
+ $(for x in ${LISTEN}; do echo "-b ${x}"; done) \
+ ${OPTIONS} \
+ ${ZONES}
+
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping rbldnsd"
+ start-stop-daemon --stop --quiet --pidfile /run/rbldnsd.pid \
+ --exec /usr/sbin/rbldnsd
+ eend $?
+}
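Review bot: start() in initd passes `${OPTIONS}` to rbldnsd unchecked, and the confd added in this same commit ships with every OPTIONS line commented out, so a default install launches the daemon with no zone, bind address, root directory or user set by the script. initd-0.997a has the same gap for `${LISTEN}` and `${ZONES}`, although its confd does set defaults. A guard at the top of start() makes a misconfiguration explicit instead of relying on the daemon's own exit behaviour under `--quiet`, e.g. `[ -n "${OPTIONS}" ] || { eerror "OPTIONS is not set"; return 1; }` (and the same test on ZONES and LISTEN in the newer script). How rbldnsd reacts to an empty command line is not visible here, so treat this as hardening rather than a confirmed failure.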
diff --git a/net-dns/rbldnsd/files/rbldnsd-0.996b-asneeded.patch b/net-dns/rbldnsd/files/rbldnsd-0.996b-asneeded.patch
new file mode 100644
index 000000000000..77af1d915928
--- /dev/null
+++ b/net-dns/rbldnsd/files/rbldnsd-0.996b-asneeded.patch
@@ -0,0 +1,11 @@
+--- configure.lib.orig 2009-01-04 16:52:52.112984801 +0100
++++ configure.lib 2009-01-04 16:53:07.680980305 +0100
+@@ -105,7 +105,7 @@
+ # run a compiler
+ ac_run_compiler() {
+ rm -f conftest*; cat >conftest.c
+- ac_run $CC $CFLAGS "$@" conftest.c
++ ac_run $CC $CFLAGS conftest.c "$@"
+ }
+
+ ac_compile() {
diff --git a/net-dns/rbldnsd/files/rbldnsd-0.997a-format-security-compile-fix.patch b/net-dns/rbldnsd/files/rbldnsd-0.997a-format-security-compile-fix.patch
new file mode 100644
index 000000000000..03da010336e3
--- /dev/null
+++ b/net-dns/rbldnsd/files/rbldnsd-0.997a-format-security-compile-fix.patch
@@ -0,0 +1,30 @@
+From 5d3455065f84fe1ef4673552a27d2e6e8f02c97a Mon Sep 17 00:00:00 2001
+From: Michael Orlitzky <michael@orlitzky.com>
+Date: Mon, 22 Sep 2014 10:09:27 -0400
+Subject: [PATCH 1/1] Fix compilation with -Werror=format-security.
+
+The dslog() function takes an optional format string, analogous to
+e.g. printf(), and a list of arguments to be substituted into the
+format string. A call to dslog() in do_reload() omitted the format
+string causing GCC to throw a format-security warning. To silence the
+warning, a trivial format string of "%s" was provided.
+---
+ rbldnsd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/rbldnsd.c b/rbldnsd.c
+index abf1d01..e791231 100644
+--- a/rbldnsd.c
++++ b/rbldnsd.c
+@@ -959,7 +959,7 @@ static int do_reload(int do_fork) {
+ # undef kb
+ }
+ #endif /* NO_MEMINFO */
+- dslog(LOG_INFO, 0, ibuf);
++ dslog(LOG_INFO, 0, "%s", ibuf);
+
+ check_expires();
+
+--
+1.8.5.5
+
diff --git a/net-dns/rbldnsd/files/rbldnsd-0.997a-robust-ipv6-test-support.patch b/net-dns/rbldnsd/files/rbldnsd-0.997a-robust-ipv6-test-support.patch
new file mode 100644
index 000000000000..5621075fbae2
--- /dev/null
+++ b/net-dns/rbldnsd/files/rbldnsd-0.997a-robust-ipv6-test-support.patch
@@ -0,0 +1,329 @@
+diff --git a/NEWS b/NEWS
+index 8d8bdd9..4d8c01d 100644
+--- a/NEWS
++++ b/NEWS
+@@ -1,6 +1,19 @@
+ This file describes user-visible changes in rbldnsd.
+ Newer news is at the top.
+
++Next release
++
++ - fix tests for systems without ipv6 support, or when ipv6 is
++ disabled in rbldnsd at compile-time
++
++ - fix tests for API change in pydns >= 2.3.6
++
++ - It is no longer an error to request binding to a particular
++ address/port more than once. (The subsequent requests are simply
++ ignored.) (This avoids confusion on certain systems/configurations
++ where gethostbyname("localhost") can return 127.0.0.1 multiple
++ times.)
++
+ 0.997a (23 Jul 2013)
+
+ - minor fixes/changes in packaging, no code changes.
+diff --git a/rbldnsd.c b/rbldnsd.c
+index abf1d01..8322bdd 100644
+--- a/rbldnsd.c
++++ b/rbldnsd.c
+@@ -203,10 +203,79 @@ static volatile int signalled;
+ #define SIGNALLED_ZSTATS 0x10
+ #define SIGNALLED_TERM 0x20
+
++static inline int sockaddr_in_equal(const struct sockaddr_in *addr1,
++ const struct sockaddr_in *addr2)
++{
++ return (addr1->sin_port == addr2->sin_port
++ && addr1->sin_addr.s_addr == addr2->sin_addr.s_addr);
++}
++
++#ifndef NO_IPv6
++static inline int sockaddr_in6_equal(const struct sockaddr_in6 *addr1,
++ const struct sockaddr_in6 *addr2)
++{
++ if (memcmp(addr1->sin6_addr.s6_addr, addr2->sin6_addr.s6_addr, 16) != 0)
++ return 0;
++ return (addr1->sin6_port == addr2->sin6_port
++ && addr1->sin6_flowinfo == addr2->sin6_flowinfo
++ && addr1->sin6_scope_id == addr2->sin6_scope_id);
++}
++#endif
++
++static inline int sockaddr_equal(const struct sockaddr *addr1,
++ const struct sockaddr *addr2)
++{
++ if (addr1->sa_family != addr2->sa_family)
++ return 0;
++ switch (addr1->sa_family) {
++ case AF_INET:
++ return sockaddr_in_equal((const struct sockaddr_in *)addr1,
++ (const struct sockaddr_in *)addr2);
++#ifndef NO_IPv6
++ return sockaddr_in6_equal((const struct sockaddr_in6 *)addr1,
++ (const struct sockaddr_in6 *)addr2);
++#endif
++ default:
++ error(0, "unknown address family (%d)", addr1->sa_family);
++ }
++}
++
++/* already_bound(addr, addrlen)
++ *
++ * Determine whether we've already bound to a particular address.
++ * This is here mostly to deal with the fact that on certain systems,
++ * gethostbyname()/getaddrinfo() can return a duplicate 127.0.0.1
++ * for 'localhost'. See
++ * - http://sourceware.org/bugzilla/show_bug.cgi?id=4980
++ * - https://bugzilla.redhat.com/show_bug.cgi?id=496300
++ */
++static int already_bound(const struct sockaddr *addr, socklen_t addrlen) {
++#ifdef NO_IPv6
++ struct sockaddr_in addr_buf;
++#else
++ struct sockaddr_in6 addr_buf;
++#endif
++ struct sockaddr *boundaddr = (struct sockaddr *)&addr_buf;
++ socklen_t buflen;
++ int i;
++
++ for (i = 0; i < numsock; i++) {
++ buflen = sizeof(addr_buf);
++ if (getsockname(sock[i], boundaddr, &buflen) < 0)
++ error(errno, "getsockname failed");
++ if (buflen == addrlen && sockaddr_equal(boundaddr, addr))
++ return 1;
++ }
++ return 0;
++}
++
+ #ifdef NO_IPv6
+ static void newsocket(struct sockaddr_in *sin) {
+ int fd;
+ const char *host = ip4atos(ntohl(sin->sin_addr.s_addr));
++
++ if (already_bound((struct sockaddr *)sin, sizeof(*sin)))
++ return;
+ if (numsock >= MAXSOCK)
+ error(0, "too many listening sockets (%d max)", MAXSOCK);
+ fd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+@@ -223,6 +292,8 @@ static int newsocket(struct addrinfo *ai) {
+ int fd;
+ char host[NI_MAXHOST], serv[NI_MAXSERV];
+
++ if (already_bound(ai->ai_addr, ai->ai_addrlen))
++ return 1;
+ if (numsock >= MAXSOCK)
+ error(0, "too many listening sockets (%d max)", MAXSOCK);
+ fd = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
+diff --git a/rbldnsd.py b/rbldnsd.py
+index 9300ef2..4b78dee 100644
+--- a/rbldnsd.py
++++ b/rbldnsd.py
+@@ -2,6 +2,7 @@
+
+
+ """
++import errno
+ from itertools import count
+ import subprocess
+ from tempfile import NamedTemporaryFile, TemporaryFile
+@@ -12,6 +13,14 @@ try:
+ import DNS
+ except ImportError:
+ raise RuntimeError("The pydns library is not installed")
++try:
++ from DNS import SocketError as DNS_SocketError
++except ImportError:
++ class DNS_SocketError(Exception):
++ """ Dummy, never raised.
++
++ (Older versions of pydns before 2.3.6 do not raise SocketError.)
++ """
+
+ DUMMY_ZONE_HEADER = """
+ $SOA 0 example.org. hostmaster.example.com. 0 1h 1h 2d 1h
+@@ -113,7 +122,6 @@ class Rbldnsd(object):
+ stderr=self.stderr)
+
+ # wait for rbldnsd to start responding
+- time.sleep(0.1)
+ for retry in count():
+ if daemon.poll() is not None:
+ raise DaemonError(
+@@ -124,12 +132,18 @@ class Rbldnsd(object):
+ break
+ except QueryRefused:
+ break
++ except DNS_SocketError as ex:
++ # pydns >= 2.3.6
++ wrapped_error = ex.args[0]
++ if wrapped_error.errno != errno.ECONNREFUSED:
++ raise
+ except DNS.DNSError as ex:
++ # pydns < 2.3.6
+ if str(ex) != 'no working nameservers found':
+ raise
+- elif retries > 10:
+- raise DaemonError(
+- "rbldnsd does not seem to be responding")
++ if retry > 10:
++ raise DaemonError("rbldnsd does not seem to be responding")
++ time.sleep(0.1)
+
+ def _stop_daemon(self):
+ daemon = self._daemon
+@@ -150,6 +164,22 @@ class Rbldnsd(object):
+ raise DaemonError("rbldnsd exited with code %d"
+ % daemon.returncode)
+
++ @property
++ def no_ipv6(self):
++ """ Was rbldnsd compiled with -DNO_IPv6?
++ """
++ # If rbldnsd was compiled with -DNO_IPv6, the (therefore
++ # unsupported) '-6' command-line switch will not be described
++ # in the help message
++ cmd = [self.daemon_bin, '-h']
++ proc = subprocess.Popen(cmd, stdout=subprocess.PIPE)
++ help_message = proc.stdout.readlines()
++ if proc.wait() != 0:
++ raise subprocess.CalledProcessError(proc.returncode, cmd)
++ return not any(line.lstrip().startswith('-6 ')
++ for line in help_message)
++
++
+ class TestRbldnsd(unittest.TestCase):
+ def test(self):
+ rbldnsd = Rbldnsd()
+diff --git a/test_acl.py b/test_acl.py
+index d93ca0a..10bed1c 100644
+--- a/test_acl.py
++++ b/test_acl.py
+@@ -1,5 +1,8 @@
+ """ Tests for the acl dataset
+ """
++from functools import wraps
++import socket
++import sys
+ from tempfile import NamedTemporaryFile
+ import unittest
+
+@@ -9,6 +12,35 @@ __all__ = [
+ 'TestAclDataset',
+ ]
+
++try:
++ from unittest import skipIf
++except ImportError:
++ # hokey replacement (for python <= 2.6)
++ def skipIf(condition, reason):
++ if condition:
++ def decorate(f):
++ @wraps(f)
++ def skipped(*args, **kw):
++ sys.stderr.write("skipped test: %s " % reason)
++ return skipped
++ return decorate
++ else:
++ return lambda f: f
++
++def _have_ipv6():
++ # Check for IPv6 support
++ if not getattr(socket, 'has_ipv6', False):
++ return False # no python support for ipv6
++ elif Rbldnsd().no_ipv6:
++ return False # rbldnsd compiled with -DNO_IPv6
++ try:
++ socket.socket(socket.AF_INET6, socket.SOCK_DGRAM).close()
++ except socket.error:
++ return False # no kernel (or libc) support for ipv6?
++ return True
++
++no_ipv6 = not _have_ipv6()
++
+ def daemon(acl, addr='localhost'):
+ """ Create an Rbldnsd instance with given ACL
+ """
+@@ -33,11 +65,13 @@ class TestAclDataset(unittest.TestCase):
+ addr='127.0.0.1') as dnsd:
+ self.assertEqual(dnsd.query('test.example.com'), 'Success')
+
++ @skipIf(no_ipv6, "IPv6 unsupported")
+ def test_refuse_ipv6(self):
+ with daemon(acl=["::1 :refuse"],
+ addr='::1') as dnsd:
+ self.assertRaises(QueryRefused, dnsd.query, 'test.example.com')
+
++ @skipIf(no_ipv6, "IPv6 unsupported")
+ def test_pass_ipv6(self):
+ with daemon(acl=[ "0/0 :refuse",
+ "0::1 :pass" ],
+diff --git a/test_ip4trie.py b/test_ip4trie.py
+index fe9e78f..2cce09b 100644
+--- a/test_ip4trie.py
++++ b/test_ip4trie.py
+@@ -9,7 +9,7 @@ __all__ = [
+ ]
+
+ def ip4trie(zone_data):
+- """ Run rbldnsd with an ip6trie dataset
++ """ Run rbldnsd with an ip4trie dataset
+ """
+ dnsd = Rbldnsd()
+ dnsd.add_dataset('ip4trie', ZoneFile(zone_data))
+diff --git a/test_ip6trie.py b/test_ip6trie.py
+index d3600db..377c5dd 100644
+--- a/test_ip6trie.py
++++ b/test_ip6trie.py
+@@ -15,15 +15,6 @@ def ip6trie(zone_data):
+ dnsd.add_dataset('ip6trie', ZoneFile(zone_data))
+ return dnsd
+
+-def rfc3152(ip6addr, domain='example.com'):
+- from socket import inet_pton, AF_INET6
+- from struct import unpack
+-
+- bytes = unpack("16B", inet_pton(AF_INET6, ip6addr))
+- nibbles = '.'.join("%x.%x" % (byte & 0xf, (byte >> 4) & 0xf)
+- for byte in reversed(bytes))
+- return "%s.%s" % (nibbles, domain)
+-
+ class TestIp6TrieDataset(unittest.TestCase):
+ def test_exclusion(self):
+ with ip6trie(["dead::/16 listed",
+@@ -31,5 +22,35 @@ class TestIp6TrieDataset(unittest.TestCase):
+ self.assertEqual(dnsd.query(rfc3152("dead::beef")), None)
+ self.assertEqual(dnsd.query(rfc3152("dead::beee")), "listed")
+
++
++def rfc3152(ip6addr, domain='example.com'):
++ return "%s.%s" % ('.'.join(reversed(_to_nibbles(ip6addr))), domain)
++
++def _to_nibbles(ip6addr):
++ """ Convert ip6 address (in rfc4291 notation) to a sequence of nibbles
++
++ NB: We avoid the use of socket.inet_pton(AF_INET6, ip6addr) here
++ because it fails (with 'error: can't use AF_INET6, IPv6 is
++ disabled') when python has been compiled without IPv6 support. See
++ http://www.corpit.ru/pipermail/rbldnsd/2013q3/001181.html
++
++ """
++ def _split_words(addr):
++ return [ int(w, 16) for w in addr.split(':') ] if addr else []
++
++ if '::' in ip6addr:
++ head, tail = [ _split_words(s) for s in ip6addr.split('::', 1) ]
++ nzeros = 8 - len(head) - len(tail)
++ assert nzeros >= 0
++ words = head + [ 0 ] * nzeros + tail
++ else:
++ words = _split_words(ip6addr)
++
++ assert len(words) == 8
++ for word in words:
++ assert 0 <= word <= 0xffff
++
++ return ''.join("%04x" % word for word in words)
++
+ if __name__ == '__main__':
+ unittest.main()
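Review bot: In sockaddr_equal() the `#ifndef NO_IPv6` block contains a second `return sockaddr_in6_equal(...)` with no `case AF_INET6:` label before it, so the statement is unreachable and an AF_INET6 address falls through to `default:` and the "unknown address family" error. The inner hunk header (`+203,79`) matches the number of lines shown, so the label appears to be missing from the patch itself rather than lost in rendering. Add `case AF_INET6:` directly after the `#ifndef NO_IPv6` line. The function also has no `return` after the switch, which is only well defined if error() never returns (not visible here); a trailing `return 0;` would remove that dependency.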