mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-21 21:32:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

subversion: update to 1.9.2

Browse Source 
Drop backported CVE fix patches
libtool2.patch has been rebased and renamed to 0001-Fix-libtool-name-in-configure.ac.patch
LICENSE checksum has been updated because more 3rd party attributions have been added to it,
it's otherwise still Apache 2.

(From OE-Core rev: b57f57ea092f93bd7e1268b04c7d3c4af2149a77)

Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Alexander Kanavin
2015-12-07 19:46:49 +02:00
committed by Richard Purdie
parent 39260c39e5
commit 21e35df191
7 changed files with 41 additions and 2469 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
meta/recipes-devtools/subversion/subversion-1.8.13/libtool2.patch
View File

@@ -1,15 +0,0 @@
Upstream-Status: Inappropriate [embedded specific]
--- a/configure.ac 2011-10-20 21:56:02.230663987 +0200
+++ b/configure.ac 2011-08-17 15:01:30.000000000 +0200
@@ -227,8 +227,8 @@
LIBTOOL="$sh_libtool"
SVN_LIBTOOL="$sh_libtool"
else
- sh_libtool="$abs_builddir/libtool"
- SVN_LIBTOOL="\$(SHELL) $sh_libtool"
+ sh_libtool="$abs_builddir/$host_alias-libtool"
+ SVN_LIBTOOL="\$(SHELL) \$(abs_builddir)/$host_alias-libtool"
fi
AC_SUBST(SVN_LIBTOOL)

2094
meta/recipes-devtools/subversion/subversion-1.8.13/subversion-CVE-2015-3184.patch
View File

File diff suppressed because it is too large Load Diff

346
meta/recipes-devtools/subversion/subversion-1.8.13/subversion-CVE-2015-3187.patch
View File

@@ -1,346 +0,0 @@
Fix CVE-2015-3187
Patch is from:
http://subversion.apache.org/security/CVE-2015-3187-advisory.txt
Upstream-Status: Backport
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Index: subversion/libsvn_repos/rev_hunt.c
===================================================================
--- a/subversion/libsvn_repos/rev_hunt.c (revision 1685077)
+++ b/subversion/libsvn_repos/rev_hunt.c (working copy)
@@ -726,23 +726,6 @@ svn_repos_trace_node_locations(svn_fs_t *fs,
if (! prev_path)
break;
- if (authz_read_func)
- {
- svn_boolean_t readable;
- svn_fs_root_t *tmp_root;
-
- SVN_ERR(svn_fs_revision_root(&tmp_root, fs, revision, currpool));
- SVN_ERR(authz_read_func(&readable, tmp_root, path,
- authz_read_baton, currpool));
- if (! readable)
- {
- svn_pool_destroy(lastpool);
- svn_pool_destroy(currpool);
-
- return SVN_NO_ERROR;
- }
- }
-
/* Assign the current path to all younger revisions until we reach
the copy target rev. */
while ((revision_ptr < revision_ptr_end)
@@ -765,6 +748,20 @@ svn_repos_trace_node_locations(svn_fs_t *fs,
path = prev_path;
revision = prev_rev;
+ if (authz_read_func)
+ {
+ svn_boolean_t readable;
+ SVN_ERR(svn_fs_revision_root(&root, fs, revision, currpool));
+ SVN_ERR(authz_read_func(&readable, root, path,
+ authz_read_baton, currpool));
+ if (!readable)
+ {
+ svn_pool_destroy(lastpool);
+ svn_pool_destroy(currpool);
+ return SVN_NO_ERROR;
+ }
+ }
+
/* Clear last pool and switch. */
svn_pool_clear(lastpool);
tmppool = lastpool;
Index: subversion/tests/cmdline/authz_tests.py
===================================================================
--- a/subversion/tests/cmdline/authz_tests.py (revision 1685077)
+++ b/subversion/tests/cmdline/authz_tests.py (working copy)
@@ -609,8 +609,10 @@ def authz_log_and_tracing_test(sbox):
## cat
+ expected_err2 = ".*svn: E195012: Unable to find repository location.*"
+
# now see if we can look at the older version of rho
- svntest.actions.run_and_verify_svn(None, None, expected_err,
+ svntest.actions.run_and_verify_svn(None, None, expected_err2,
'cat', '-r', '2', D_url+'/rho')
if sbox.repo_url.startswith('http'):
@@ -627,10 +629,11 @@ def authz_log_and_tracing_test(sbox):
svntest.actions.run_and_verify_svn(None, None, expected_err,
'diff', '-r', 'HEAD', G_url+'/rho')
- svntest.actions.run_and_verify_svn(None, None, expected_err,
+ # diff treats the unreadable path as indicating an add so no error
+ svntest.actions.run_and_verify_svn(None, None, [],
'diff', '-r', '2', D_url+'/rho')
- svntest.actions.run_and_verify_svn(None, None, expected_err,
+ svntest.actions.run_and_verify_svn(None, None, [],
'diff', '-r', '2:4', D_url+'/rho')
# test whether read access is correctly granted and denied
Index: subversion/tests/libsvn_repos/repos-test.c
===================================================================
--- a/subversion/tests/libsvn_repos/repos-test.c (revision 1685077)
+++ b/subversion/tests/libsvn_repos/repos-test.c (working copy)
@@ -3524,6 +3524,245 @@ test_load_r0_mergeinfo(const svn_test_opts_t *opts
return SVN_NO_ERROR;
}
+static svn_error_t *
+mkdir_delete_copy(svn_repos_t *repos,
+ const char *src,
+ const char *dst,
+ apr_pool_t *pool)
+{
+ svn_fs_t *fs = svn_repos_fs(repos);
+ svn_revnum_t youngest_rev;
+ svn_fs_txn_t *txn;
+ svn_fs_root_t *txn_root, *rev_root;
+
+ SVN_ERR(svn_fs_youngest_rev(&youngest_rev, fs, pool));
+
+ SVN_ERR(svn_fs_begin_txn(&txn, fs, youngest_rev, pool));
+ SVN_ERR(svn_fs_txn_root(&txn_root, txn, pool));
+ SVN_ERR(svn_fs_make_dir(txn_root, "A/T", pool));
+ SVN_ERR(svn_repos_fs_commit_txn(NULL, repos, &youngest_rev, txn, pool));
+
+ SVN_ERR(svn_fs_begin_txn(&txn, fs, youngest_rev, pool));
+ SVN_ERR(svn_fs_txn_root(&txn_root, txn, pool));
+ SVN_ERR(svn_fs_delete(txn_root, "A/T", pool));
+ SVN_ERR(svn_repos_fs_commit_txn(NULL, repos, &youngest_rev, txn, pool));
+
+ SVN_ERR(svn_fs_begin_txn(&txn, fs, youngest_rev, pool));
+ SVN_ERR(svn_fs_txn_root(&txn_root, txn, pool));
+ SVN_ERR(svn_fs_revision_root(&rev_root, fs, youngest_rev - 1, pool));
+ SVN_ERR(svn_fs_copy(rev_root, src, txn_root, dst, pool));
+ SVN_ERR(svn_repos_fs_commit_txn(NULL, repos, &youngest_rev, txn, pool));
+
+ return SVN_NO_ERROR;
+}
+
+struct authz_read_baton_t {
+ apr_hash_t *paths;
+ apr_pool_t *pool;
+ const char *deny;
+};
+
+static svn_error_t *
+authz_read_func(svn_boolean_t *allowed,
+ svn_fs_root_t *root,
+ const char *path,
+ void *baton,
+ apr_pool_t *pool)
+{
+ struct authz_read_baton_t *b = baton;
+
+ if (b->deny && !strcmp(b->deny, path))
+ *allowed = FALSE;
+ else
+ *allowed = TRUE;
+
+ svn_hash_sets(b->paths, apr_pstrdup(b->pool, path), (void*)1);
+
+ return SVN_NO_ERROR;
+}
+
+static svn_error_t *
+verify_locations(apr_hash_t *actual,
+ apr_hash_t *expected,
+ apr_hash_t *checked,
+ apr_pool_t *pool)
+{
+ apr_hash_index_t *hi;
+
+ for (hi = apr_hash_first(pool, expected); hi; hi = apr_hash_next(hi))
+ {
+ const svn_revnum_t *rev = svn__apr_hash_index_key(hi);
+ const char *path = apr_hash_get(actual, rev, sizeof(svn_revnum_t));
+
+ if (!path)
+ return svn_error_createf(SVN_ERR_TEST_FAILED, NULL,
+ "expected %s for %d found (null)",
+ (char*)svn__apr_hash_index_val(hi),
+ (int)*rev);
+ else if (strcmp(path, svn__apr_hash_index_val(hi)))
+ return svn_error_createf(SVN_ERR_TEST_FAILED, NULL,
+ "expected %s for %d found %s",
+ (char*)svn__apr_hash_index_val(hi),
+ (int)*rev, path);
+
+ }
+
+ for (hi = apr_hash_first(pool, actual); hi; hi = apr_hash_next(hi))
+ {
+ const svn_revnum_t *rev = svn__apr_hash_index_key(hi);
+ const char *path = apr_hash_get(expected, rev, sizeof(svn_revnum_t));
+
+ if (!path)
+ return svn_error_createf(SVN_ERR_TEST_FAILED, NULL,
+ "found %s for %d expected (null)",
+ (char*)svn__apr_hash_index_val(hi),
+ (int)*rev);
+ else if (strcmp(path, svn__apr_hash_index_val(hi)))
+ return svn_error_createf(SVN_ERR_TEST_FAILED, NULL,
+ "found %s for %d expected %s",
+ (char*)svn__apr_hash_index_val(hi),
+ (int)*rev, path);
+
+ if (!svn_hash_gets(checked, path))
+ return svn_error_createf(SVN_ERR_TEST_FAILED, NULL,
+ "did not check %s", path);
+ }
+
+ return SVN_NO_ERROR;
+}
+
+static void
+set_expected(apr_hash_t *expected,
+ svn_revnum_t rev,
+ const char *path,
+ apr_pool_t *pool)
+{
+ svn_revnum_t *rp = apr_palloc(pool, sizeof(svn_revnum_t));
+ *rp = rev;
+ apr_hash_set(expected, rp, sizeof(svn_revnum_t), path);
+}
+
+static svn_error_t *
+trace_node_locations_authz(const svn_test_opts_t *opts,
+ apr_pool_t *pool)
+{
+ svn_repos_t *repos;
+ svn_fs_t *fs;
+ svn_revnum_t youngest_rev = 0;
+ svn_fs_txn_t *txn;
+ svn_fs_root_t *txn_root;
+ struct authz_read_baton_t arb;
+ apr_array_header_t *revs = apr_array_make(pool, 10, sizeof(svn_revnum_t));
+ apr_hash_t *locations;
+ apr_hash_t *expected = apr_hash_make(pool);
+ int i;
+
+ /* Create test repository. */
+ SVN_ERR(svn_test__create_repos(&repos, "test-repo-trace-node-locations-authz",
+ opts, pool));
+ fs = svn_repos_fs(repos);
+
+ /* r1 create A */
+ SVN_ERR(svn_fs_begin_txn(&txn, fs, youngest_rev, pool));
+ SVN_ERR(svn_fs_txn_root(&txn_root, txn, pool));
+ SVN_ERR(svn_fs_make_dir(txn_root, "A", pool));
+ SVN_ERR(svn_fs_make_file(txn_root, "A/f", pool));
+ SVN_ERR(svn_test__set_file_contents(txn_root, "A/f", "foobar", pool));
+ SVN_ERR(svn_repos_fs_commit_txn(NULL, repos, &youngest_rev, txn, pool));
+
+ /* r4 copy A to B */
+ SVN_ERR(mkdir_delete_copy(repos, "A", "B", pool));
+
+ /* r7 copy B to C */
+ SVN_ERR(mkdir_delete_copy(repos, "B", "C", pool));
+
+ /* r10 copy C to D */
+ SVN_ERR(mkdir_delete_copy(repos, "C", "D", pool));
+
+ SVN_ERR(svn_fs_youngest_rev(&youngest_rev, fs, pool));
+ SVN_ERR_ASSERT(youngest_rev == 10);
+
+ arb.paths = apr_hash_make(pool);
+ arb.pool = pool;
+ arb.deny = NULL;
+
+ apr_array_clear(revs);
+ for (i = 0; i <= youngest_rev; ++i)
+ APR_ARRAY_PUSH(revs, svn_revnum_t) = i;
+ set_expected(expected, 10, "/D/f", pool);
+ set_expected(expected, 8, "/C/f", pool);
+ set_expected(expected, 7, "/C/f", pool);
+ set_expected(expected, 5, "/B/f", pool);
+ set_expected(expected, 4, "/B/f", pool);
+ set_expected(expected, 2, "/A/f", pool);
+ set_expected(expected, 1, "/A/f", pool);
+ apr_hash_clear(arb.paths);
+ SVN_ERR(svn_repos_trace_node_locations(fs, &locations, "D/f", 10, revs,
+ authz_read_func, &arb, pool));
+ SVN_ERR(verify_locations(locations, expected, arb.paths, pool));
+
+ apr_array_clear(revs);
+ for (i = 1; i <= youngest_rev; ++i)
+ APR_ARRAY_PUSH(revs, svn_revnum_t) = i;
+ apr_hash_clear(arb.paths);
+ SVN_ERR(svn_repos_trace_node_locations(fs, &locations, "D/f", 10, revs,
+ authz_read_func, &arb, pool));
+ SVN_ERR(verify_locations(locations, expected, arb.paths, pool));
+
+ apr_array_clear(revs);
+ for (i = 2; i <= youngest_rev; ++i)
+ APR_ARRAY_PUSH(revs, svn_revnum_t) = i;
+ set_expected(expected, 1, NULL, pool);
+ apr_hash_clear(arb.paths);
+ SVN_ERR(svn_repos_trace_node_locations(fs, &locations, "D/f", 10, revs,
+ authz_read_func, &arb, pool));
+ SVN_ERR(verify_locations(locations, expected, arb.paths, pool));
+
+ apr_array_clear(revs);
+ for (i = 3; i <= youngest_rev; ++i)
+ APR_ARRAY_PUSH(revs, svn_revnum_t) = i;
+ set_expected(expected, 2, NULL, pool);
+ apr_hash_clear(arb.paths);
+ SVN_ERR(svn_repos_trace_node_locations(fs, &locations, "D/f", 10, revs,
+ authz_read_func, &arb, pool));
+ SVN_ERR(verify_locations(locations, expected, arb.paths, pool));
+
+ apr_array_clear(revs);
+ for (i = 6; i <= youngest_rev; ++i)
+ APR_ARRAY_PUSH(revs, svn_revnum_t) = i;
+ set_expected(expected, 5, NULL, pool);
+ set_expected(expected, 4, NULL, pool);
+ apr_hash_clear(arb.paths);
+ SVN_ERR(svn_repos_trace_node_locations(fs, &locations, "D/f", 10, revs,
+ authz_read_func, &arb, pool));
+ SVN_ERR(verify_locations(locations, expected, arb.paths, pool));
+
+ arb.deny = "/B/f";
+ apr_array_clear(revs);
+ for (i = 0; i <= youngest_rev; ++i)
+ APR_ARRAY_PUSH(revs, svn_revnum_t) = i;
+ apr_hash_clear(arb.paths);
+ SVN_ERR(svn_repos_trace_node_locations(fs, &locations, "D/f", 10, revs,
+ authz_read_func, &arb, pool));
+ SVN_ERR(verify_locations(locations, expected, arb.paths, pool));
+
+ apr_array_clear(revs);
+ for (i = 6; i <= youngest_rev; ++i)
+ APR_ARRAY_PUSH(revs, svn_revnum_t) = i;
+ apr_hash_clear(arb.paths);
+ SVN_ERR(svn_repos_trace_node_locations(fs, &locations, "D/f", 10, revs,
+ authz_read_func, &arb, pool));
+ SVN_ERR(verify_locations(locations, expected, arb.paths, pool));
+
+ APR_ARRAY_PUSH(revs, svn_revnum_t) = 0;
+ apr_hash_clear(arb.paths);
+ SVN_ERR(svn_repos_trace_node_locations(fs, &locations, "D/f", 10, revs,
+ authz_read_func, &arb, pool));
+ SVN_ERR(verify_locations(locations, expected, arb.paths, pool));
+
+ return SVN_NO_ERROR;
+}
+
/* The test table. */
struct svn_test_descriptor_t test_funcs[] =
@@ -3573,5 +3812,7 @@ struct svn_test_descriptor_t test_funcs[] =
"test dumping with r0 mergeinfo"),
SVN_TEST_OPTS_PASS(test_load_r0_mergeinfo,
"test loading with r0 mergeinfo"),
+ SVN_TEST_OPTS_PASS(trace_node_locations_authz,
+ "authz for svn_repos_trace_node_locations"),
SVN_TEST_NULL
};

29
meta/recipes-devtools/subversion/subversion/0001-Fix-libtool-name-in-configure.ac.patch Normal file
View File

@@ -0,0 +1,29 @@
From cbcfe0399347989e45a8fb695f55c855d6b3da72 Mon Sep 17 00:00:00 2001
From: Alexander Kanavin <alex.kanavin@gmail.com>
Date: Mon, 7 Dec 2015 17:11:02 +0200
Subject: [PATCH] Fix libtool name in configure.ac
Upstream-Status: Inappropriate [embedded specific]
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
---
configure.ac | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/configure.ac b/configure.ac
index 4ed66d4..ceb64f9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -221,8 +221,8 @@ if test "$experimental_libtool" = "yes"; then
LIBTOOL="$sh_libtool"
SVN_LIBTOOL="$sh_libtool"
else
- sh_libtool="$abs_builddir/libtool"
- SVN_LIBTOOL="\$(SHELL) \"$sh_libtool\""
+ sh_libtool="$abs_builddir/$host_alias-libtool"
+ SVN_LIBTOOL="\$(SHELL) \$(abs_builddir)/$host_alias-libtool"
fi
AC_SUBST(SVN_LIBTOOL)
--
2.6.2

0
meta/recipes-devtools/subversion/subversion-1.8.13/disable_macos.patch → meta/recipes-devtools/subversion/subversion/disable_macos.patch
View File

14
meta/recipes-devtools/subversion/subversion-1.8.13/serf.m4-Regex-modified-to-allow-D-in-paths.patch → meta/recipes-devtools/subversion/subversion/serf.m4-Regex-modified-to-allow-D-in-paths.patch
View File

@@ -18,15 +18,15 @@ diff --git a/build/ac-macros/serf.m4 b/build/ac-macros/serf.m4
index ae11e75..ff8cbae 100644
--- a/build/ac-macros/serf.m4
+++ b/build/ac-macros/serf.m4
@@ -143,7 +143,7 @@ AC_DEFUN(SVN_SERF_PKG_CONFIG,
if $PKG_CONFIG $serf_major --atleast-version=$serf_check_version; then
@@ -168,7 +168,7 @@
if $PKG_CONFIG $serf_pc_arg --atleast-version=$serf_check_version; then
AC_MSG_RESULT([yes])
serf_found=yes
- SVN_SERF_INCLUDES=[`$PKG_CONFIG $serf_major --cflags | $SED -e 's/-D[^ ]*//g'`]
+ SVN_SERF_INCLUDES=[`$PKG_CONFIG $serf_major --cflags | $SED -e 's/[[:space:]]-D[^ ]*//g' -e 's/^-D[^ ]*//g'`]
SVN_SERF_LIBS=`$PKG_CONFIG $serf_major --libs`
break
else
- SVN_SERF_INCLUDES=[`$PKG_CONFIG $serf_pc_arg --cflags | $SED -e 's/-D[^ ]*//g'`]
+ SVN_SERF_INCLUDES=[`$PKG_CONFIG $serf_pc_arg --cflags | $SED -e 's/ -D[^ ]*//g' -e 's/^-D[^ ]*//g'`]
SVN_SERF_LIBS=`$PKG_CONFIG $serf_pc_arg --libs-only-l`
dnl don't use --libs-only-L because then we might miss some options
LDFLAGS=["$LDFLAGS `$PKG_CONFIG $serf_pc_arg --libs | $SED -e 's/-l[^ ]*//g'`"]
--
1.8.4.5

12
meta/recipes-devtools/subversion/subversion_1.8.13.bb → meta/recipes-devtools/subversion/subversion_1.9.2.bb
View File

@@ -11,16 +11,14 @@ BBCLASSEXTEND = "native"
inherit gettext pythonnative
SRC_URI = "${APACHE_MIRROR}/${BPN}/${BPN}-${PV}.tar.bz2 \
file://libtool2.patch \
file://disable_macos.patch \
file://serf.m4-Regex-modified-to-allow-D-in-paths.patch \
file://subversion-CVE-2015-3184.patch \
file://subversion-CVE-2015-3187.patch \
"
SRC_URI[md5sum] = "4413417b529d7bdf82f74e50df02e88b"
SRC_URI[sha256sum] = "1099cc68840753b48aedb3a27ebd1e2afbcc84ddb871412e5d500e843d607579"
file://0001-Fix-libtool-name-in-configure.ac.patch \
"
SRC_URI[md5sum] = "0a7e55bb58fe77072f19e108a56b468b"
SRC_URI[sha256sum] = "023da881139b4514647b6f8a830a244071034efcaad8c8e98c6b92393122b4eb"
LIC_FILES_CHKSUM = "file://LICENSE;md5=1c2f0119e478700b5428e26386cff923"
LIC_FILES_CHKSUM = "file://LICENSE;md5=af81ae49ba359e70626c05e9bf313709"
PACKAGECONFIG[sasl] = "--with-sasl,--without-sasl,cyrus-sasl"
PACKAGECONFIG[gnome-keyring] = "--with-gnome-keyring,--without-gnome-keyring,glib-2.0 gnome-keyring"