net-irc/znc: bump to 1.7.1_rc1, fixes multiple vulnerabilities

Bug: https://bugs.gentoo.org/661228
Package-Manager: Portage-2.3.42, Repoman-2.3.9

3 files changed, 247 insertions, 0 deletions

diff --git a/net-irc/znc/Manifest b/net-irc/znc/Manifest
index c68a275dfe45..08205bafd488 100644
--- a/net-irc/znc/Manifest
+++ b/net-irc/znc/Manifest
@@ -3,3 +3,4 @@ DIST gtest-ba96d0b1161f540656efdaed035b3c062b60e006.tar.gz 987370 BLAKE2B fcedfe
 DIST znc-1.6.5.tar.gz 1470681 BLAKE2B 9de0b211280489423bc2894d0e76d7276aa42428d07d64516372a9ca6d1616db1f27c0142b54160c61cbee89d65ceadf941d001319254dbff9eb5b016988482e SHA512 d78603ac86d1fb92cdf591b1eb6d32fa19b0e39414bd69e1300c537051612ae590c43d3b8e4dd598cdff605bf3aa1d3d5d806edd428d15d50f733e1670f3e626
 DIST znc-1.6.6.tar.gz 1471612 BLAKE2B 8bd977a95417c4259e9f38759d838f55a146f376dc8bb6230ab6e1b698fb7c9e060cbc237efd4e836961314abab56cc02e7c6bc74e40bad17abaf06e47fbb516 SHA512 cc5bc7328bfe36525ab215b4b53c7cd20aa02b41e7bb28507ff9d9632560f4c30396804e4b828bca0ece19f42813e3fce59d1bae639ea5fc149059f6979e63e7
 DIST znc-1.7.0.tar.gz 1853666 BLAKE2B 3e519d4005a10a9a5329f22ab6abbd19dfa2c7cecb949c138bc72909eae8883576fc0352e3ac46b852b8c58f038150419720aa48791a1339b004206f3afc20e9 SHA512 718dec65dfa2374c568b2694e4faef1f8cf313ae96d171e2263656e077e0fae5f8037c69a23ae33f4ea314ac6e15480c7dccef73ad3ac9324eb79caca622d54b
+DIST znc-1.7.1-rc1.tar.gz 2041320 BLAKE2B 62669b598d7423cb55fad458fe6172be36904e8599dcde757936883093f24deb6a5ed6a093e3e92854810f02e96372f44139f9807e70e0cf007de90a1373c6a8 SHA512 b4e223c86c75bc97620c52333d90d6458a02777dce9c629f8a095f8134a06992a60978b2fe8bbce29ed1155932f9f37e0a324a498ee16527b0235e4306c34973
diff --git a/net-irc/znc/files/znc-1.7.1-inttest-dir.patch b/net-irc/znc/files/znc-1.7.1-inttest-dir.patch
new file mode 100644
index 000000000000..9aff2a9b64be
--- /dev/null
+++ b/net-irc/znc/files/znc-1.7.1-inttest-dir.patch
@@ -0,0 +1,64 @@
+commit 95f1c7e9081866ea1e716743ea039a74565f80c6
+Author: Louis Sautier <sautier.louis@gmail.com>
+Date:   Sun Jul 15 15:36:21 2018 +0200
+
+    Allow integration tests to be run inside a different root
+    
+    Based on DarthGandalf's patch submitted in
+    https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=15112014e7605d13624297d7601504b5d187a6de
+
+diff --git a/include/znc/znc.h b/include/znc/znc.h
+index ecb2b41a..a791a648 100644
+--- a/include/znc/znc.h
++++ b/include/znc/znc.h
+@@ -251,6 +251,7 @@ class CZNC : private CCoreTranslationMixin {
+     void DisableConfigTimer();
+ 
+     static void DumpConfig(const CConfig* Config);
++    static CString UnusualRoot();
+ 
+   private:
+     static CString FormatBindError();
+diff --git a/src/Modules.cpp b/src/Modules.cpp
+index 5aec7805..6f9c34ae 100644
+--- a/src/Modules.cpp
++++ b/src/Modules.cpp
+@@ -1899,9 +1899,10 @@ CModules::ModDirList CModules::GetModDirs() {
+     sDir = CZNC::Get().GetModPath() + "/";
+     ret.push(std::make_pair(sDir, sDir));
+ 
++    CString sUnusualRoot = CZNC::UnusualRoot();
+     // <moduledir> and <datadir> (<prefix>/lib/znc)
+-    ret.push(std::make_pair(_MODDIR_ + CString("/"),
+-                            _DATADIR_ + CString("/modules/")));
++    ret.push(std::make_pair(sUnusualRoot + _MODDIR_ + CString("/"),
++                            sUnusualRoot + _DATADIR_ + CString("/modules/")));
+ 
+     return ret;
+ }
+diff --git a/src/WebModules.cpp b/src/WebModules.cpp
+index a5841987..f1b8a421 100644
+--- a/src/WebModules.cpp
++++ b/src/WebModules.cpp
+@@ -565,7 +565,7 @@ CString CWebSock::GetSkinPath(const CString& sSkinName) {
+         sRet = CZNC::Get().GetCurPath() + "/webskins/" + sSkin;
+ 
+         if (!CFile::IsDir(sRet)) {
+-            sRet = CString(_SKINDIR_) + "/" + sSkin;
++            sRet = CZNC::UnusualRoot() + CString(_SKINDIR_) + "/" + sSkin;
+         }
+     }
+ 
+diff --git a/src/znc.cpp b/src/znc.cpp
+index 4e7216ee..dd901497 100644
+--- a/src/znc.cpp
++++ b/src/znc.cpp
+@@ -2130,3 +2130,8 @@ void CZNC::DisableConfigTimer() {
+         m_pConfigTimer = nullptr;
+     }
+ }
++
++CString CZNC::UnusualRoot() {
++    char* szUnusualRoot = getenv("ZNC_UNUSUAL_ROOT");
++    return szUnusualRoot ? szUnusualRoot : "";
++}
diff --git a/net-irc/znc/znc-1.7.1_rc1.ebuild b/net-irc/znc/znc-1.7.1_rc1.ebuild
new file mode 100644
index 000000000000..e59849a6e29b
--- /dev/null
+++ b/net-irc/znc/znc-1.7.1_rc1.ebuild
@@ -0,0 +1,182 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+PYTHON_COMPAT=( python3_{4,5,6} )
+
+inherit cmake-utils python-single-r1 readme.gentoo-r1 systemd user
+
+GTEST_VER="ba96d0b1161f540656efdaed035b3c062b60e006" # 1.8.0 is too old, but newer version not released yet
+GTEST_URL="https://github.com/google/googletest/archive/${GTEST_VER}.tar.gz -> gtest-${GTEST_VER}.tar.gz"
+DESCRIPTION="An advanced IRC Bouncer"
+
+if [[ ${PV} == *9999* ]]; then
+	inherit git-r3
+	EGIT_REPO_URI=${EGIT_REPO_URI:-"https://github.com/znc/znc.git"}
+	SRC_URI=""
+else
+	MY_PV=${PV/_/-}
+	MY_P=${PN}-${MY_PV}
+	SRC_URI="
+		https://znc.in/releases/archive/${MY_P}.tar.gz
+		test? ( ${GTEST_URL} )
+	"
+	KEYWORDS="~amd64 ~arm ~x86"
+	S=${WORKDIR}/${MY_P}
+fi
+
+HOMEPAGE="https://znc.in"
+LICENSE="Apache-2.0"
+SLOT="0"
+IUSE="+ipv6 +icu libressl nls perl python +ssl sasl tcl test +zlib"
+
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} icu )"
+
+RDEPEND="
+	icu? ( dev-libs/icu:= )
+	nls? ( dev-libs/boost:=[nls] )
+	perl? ( >=dev-lang/perl-5.10:= )
+	python? ( ${PYTHON_DEPS} )
+	sasl? ( >=dev-libs/cyrus-sasl-2 )
+	ssl? (
+		!libressl? ( dev-libs/openssl:0= )
+		libressl? ( dev-libs/libressl:0= )
+	)
+	tcl? ( dev-lang/tcl:0= )
+	zlib? ( sys-libs/zlib:0= )
+"
+DEPEND="
+	${RDEPEND}
+	virtual/pkgconfig
+	nls? ( sys-devel/gettext )
+	perl? ( >=dev-lang/swig-3.0.0 )
+	python? ( >=dev-lang/swig-3.0.0 )
+	test? ( dev-qt/qtnetwork:5 )
+"
+
+PATCHES=( "${FILESDIR}"/${PN}-1.7.1-inttest-dir.patch )
+
+pkg_setup() {
+	if use python; then
+		python-single-r1_pkg_setup
+	fi
+
+	enewgroup ${PN}
+	enewuser ${PN} -1 -1 /var/lib/${PN} ${PN}
+	# The home directory was previously set to /dev/null
+	# This caused a bug with the systemd unit
+	# https://bugs.gentoo.org/521916
+	esethome ${PN} /var/lib/${PN}
+}
+
+src_prepare() {
+	# Let SWIG rebuild modperl/modpython to make user patching easier.
+	if [[ ${PV} != *9999* ]]; then
+		rm modules/modperl/generated.tar.gz || die
+		rm modules/modpython/generated.tar.gz || die
+	fi
+
+	sed -i -e "s|DZNC_BIN_DIR:path=|DZNC_BIN_DIR:path=${T}/inttest|" \
+		test/CMakeLists.txt || die
+
+	cmake-utils_src_prepare
+}
+
+src_configure() {
+	local mycmakeargs=(
+		-DWANT_SYSTEMD=yes  # Causes -DSYSTEMD_DIR to be used.
+		-DSYSTEMD_DIR="$(systemd_get_systemunitdir)"
+		-DWANT_ICU="$(usex icu)"
+		-DWANT_IPV6="$(usex ipv6)"
+		-DWANT_I18N="$(usex nls)"
+		-DWANT_PERL="$(usex perl)"
+		-DWANT_PYTHON="$(usex python)"
+		-DWANT_CYRUS="$(usex sasl)"
+		-DWANT_OPENSSL="$(usex ssl)"
+		-DWANT_TCL="$(usex tcl)"
+		-DWANT_ZLIB="$(usex zlib)"
+	)
+
+	if [[ ${PV} != *9999* ]] && use test; then
+		export GTEST_ROOT="${WORKDIR}/googletest-${GTEST_VER}/googletest"
+		export GMOCK_ROOT="${WORKDIR}/googletest-${GTEST_VER}/googlemock"
+	fi
+
+	cmake-utils_src_configure
+}
+
+src_test() {
+	cmake-utils_src_make unittest
+	if has network-sandbox ${FEATURES}; then
+		cmake-utils_src_make install DESTDIR="${T}/inttest"
+		local filter='-'
+		if ! use perl; then
+			filter="${filter}:ZNCTest.Modperl*"
+		fi
+		if ! use python; then
+			filter="${filter}:ZNCTest.Modpython*"
+		fi
+		# CMAKE_PREFIX_PATH and CXXFLAGS are needed for znc-buildmod
+		# invocations from inside the test
+		GTEST_FILTER="${filter}" ZNC_UNUSUAL_ROOT="${T}/inttest" \
+			CMAKE_PREFIX_PATH="${T}/inttest/usr/share/znc/cmake" \
+			CXXFLAGS="${CXXFLAGS} -isystem ${T}/inttest/usr/include" \
+			cmake-utils_src_make inttest
+	else
+		# TODO: don't require sandbox after
+		# https://github.com/znc/znc/pull/1363 is implemented
+		ewarn "FEATURES=-network-sandbox; skipping integration tests which"
+		ewarn "temporary open local ports."
+	fi
+}
+
+src_install() {
+	cmake-utils_src_install
+
+	dodoc NOTICE
+	newinitd "${FILESDIR}"/znc.initd-r2 znc
+	newconfd "${FILESDIR}"/znc.confd-r1 znc
+
+	DOC_CONTENTS=$(<"${FILESDIR}/README.gentoo-r1") || die
+	DISABLE_AUTOFORMATTING=1
+	readme.gentoo_create_doc
+}
+
+pkg_postinst() {
+	if [[ -z "${REPLACING_VERSIONS}" ]]; then
+		# This is a new installation
+		readme.gentoo_print_elog
+	fi
+
+	if [[ -d "${EROOT%/}"/etc/znc ]]; then
+		ewarn "${EROOT%/}/etc/znc exists on your system."
+		ewarn "Due to the nature of the contents of that folder,"
+		ewarn "we have changed the default configuration to use"
+		ewarn "	${EROOT%/}/var/lib/znc"
+		ewarn "please move ${EROOT%/}/etc/znc to ${EROOT%/}/var/lib/znc"
+		ewarn "or adjust your service configuration."
+	fi
+}
+
+pkg_config() {
+	if [[ -e "${EROOT%/}/var/lib/znc" ]]; then
+		ewarn "${EROOT%/}/var/lib/znc already exists, aborting to avoid damaging"
+		ewarn "any existing configuration. If you are sure you want"
+		ewarn "to generate a new configuration, remove the folder"
+		ewarn "and try again."
+	else
+		einfo "Press enter to interactively create a new configuration file for znc."
+		einfo "To abort, press Control-C"
+		read
+		mkdir -p "${EROOT%/}/var/lib/znc" || die
+		chown -R ${PN}:${PN} "${EROOT%/}/var/lib/znc" ||
+			die "Setting permissions failed"
+		start-stop-daemon --start --user ${PN}:${PN} --env ZNC_NO_LAUNCH_AFTER_MAKECONF=1 \
+			"${EROOT%/}"/usr/bin/znc -- --makeconf --datadir "${EROOT%/}/var/lib/znc" ||
+			die "Config failed"
+		einfo
+		einfo "You can now start the znc service using the init system of your choice."
+		einfo "Don't forget to enable it if you want to use znc at boot."
+	fi
+}