- SECURITY update to 0.99.18 (pointed out by Brad)

CVE-2010-1674 null pointer deref with malformed BGP Extended Communities CVE-2010-1675 BGP session reset with malformed AS-path - install info documentation - patches added: build fixes from upstream
2011-03-26 12:00:53 +00:00 · 2011-03-26 12:00:53 +00:00 · ef738c2300
commit ef738c2300
parent 17b63192b8
9 changed files with 145 additions and 14 deletions
--- a/net/quagga/Makefile
+++ b/net/quagga/Makefile
@ -1,8 +1,8 @@
-# $OpenBSD: Makefile,v 1.18 2010/11/19 22:31:37 espie Exp $
+# $OpenBSD: Makefile,v 1.19 2011/03/26 12:00:53 sthen Exp $

 COMMENT=	multi-threaded routing daemon

-DISTNAME=	quagga-0.99.17
+DISTNAME=	quagga-0.99.18
 SHARED_LIBS=    ospf	0.0     \
                zebra	0.0
 CATEGORIES=	net
@ -32,8 +32,8 @@ CONFIGURE_ARGS+=--includedir=${LOCALBASE}/include/quagga \
 		--localstatedir=${STATEDIR} \
 		--enable-user=_quagga \
 		--enable-group=_quagga \
+		--enable-vty-group=_quagga \
 		--enable-vtysh \
-		--enable-vtysh-group=_quagga \
 		--mandir=${LOCALBASE}/man \
 		--infodir=${LOCALBASE}/info
 CONFIGURE_ENV=	LIBS=-lcurses
@ -57,5 +57,6 @@ post-install:
 	${INSTALL_DATA_DIR} ${PREFIX}/share/doc/quagga
 	${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/share/doc/quagga
 	${INSTALL_DATA} ${WRKSRC}/SERVICES ${PREFIX}/share/doc/quagga
+	${INSTALL_DATA} ${WRKSRC}/doc/quagga.info* ${PREFIX}/info

 .include <bsd.port.mk>
--- a/net/quagga/distinfo
+++ b/net/quagga/distinfo
@ -1,5 +1,5 @@
-MD5 (quagga-0.99.17.tar.gz) = N7kCKtygSwOGPS15eH5kPw==
-RMD160 (quagga-0.99.17.tar.gz) = 8AvwGTD3ga4N6f6ZgcdOe64HmLU=
-SHA1 (quagga-0.99.17.tar.gz) = MfQvqfTZaq3xv5fD2b8zCOsNVsE=
-SHA256 (quagga-0.99.17.tar.gz) = HXffEhozTpUEtF5InufONb9HjifTPNJ5OiMoC1nZ79Q=
-SIZE (quagga-0.99.17.tar.gz) = 2202151
+MD5 (quagga-0.99.18.tar.gz) = WeMG6TpKHOFnYPIOkHXUcw==
+RMD160 (quagga-0.99.18.tar.gz) = jBPeh+ybc7SJfkOHp/rr28tsuCY=
+SHA1 (quagga-0.99.18.tar.gz) = NIaoRSISUV9CnfriytXtVBs9iNg=
+SHA256 (quagga-0.99.18.tar.gz) = DNvkuQB19Jl8puzHHvaDoHtKjKPHGAgP6D9LytvMTZM=
+SIZE (quagga-0.99.18.tar.gz) = 2199014
--- a/net/quagga/patches/patch-bgpd_bgp_attr_c
+++ b/net/quagga/patches/patch-bgpd_bgp_attr_c
@ -0,0 +1,18 @@
+$OpenBSD: patch-bgpd_bgp_attr_c,v 1.3 2011/03/26 12:00:53 sthen Exp $
+
+bgpd: attribute jhash call should use a standard interface to in6_addr data
+http://code.quagga.net/cgi-bin/gitweb.cgi?p=quagga.git;a=commitdiff;h=98e30f5db6dea65a5d6a176065cd0b60eb7bb001
+
+--- bgpd/bgp_attr.c.orig	Mon Mar 21 14:32:49 2011
+++ bgpd/bgp_attr.c	Sat Mar 26 11:16:31 2011
+@@ -373,8 +373,8 @@ attrhash_key_make (void *p)
+ 
+ #ifdef HAVE_IPV6
+       MIX(attr->extra->mp_nexthop_len);
+-      key = jhash2(attr->extra->mp_nexthop_global.s6_addr32, 4, key);
+-      key = jhash2(attr->extra->mp_nexthop_local.s6_addr32, 4, key);
+      key = jhash2(attr->extra->mp_nexthop_global.s6_addr, 16, key);
+      key = jhash2(attr->extra->mp_nexthop_local.s6_addr, 16, key);
+ #endif /* HAVE_IPV6 */
+     }
+ 
--- a/net/quagga/patches/patch-doc_Makefile_in
+++ b/net/quagga/patches/patch-doc_Makefile_in
@ -1,6 +1,6 @@
-$OpenBSD: patch-doc_Makefile_in,v 1.7 2010/09/24 09:30:04 sthen Exp $
--- doc/Makefile.in.orig	Thu Aug 19 10:43:02 2010
-+++ doc/Makefile.in	Wed Sep  1 12:08:39 2010
+$OpenBSD: patch-doc_Makefile_in,v 1.8 2011/03/26 12:00:53 sthen Exp $
+--- doc/Makefile.in.orig	Mon Mar 21 14:46:22 2011
+++ doc/Makefile.in	Sat Mar 26 10:21:55 2011
@@ -152,6 +152,7 @@ LIPO = @LIPO@
 LN_S = @LN_S@
 LTLIBOBJS = @LTLIBOBJS@
@ -9,7 +9,7 @@ $OpenBSD: patch-doc_Makefile_in,v 1.7 2010/09/24 09:30:04 sthen Exp $
 MKDIR_P = @MKDIR_P@
 MULTIPATH_NUM = @MULTIPATH_NUM@
 NM = @NM@
-@@ -373,7 +374,7 @@ clean-libtool:
+@@ -372,7 +373,7 @@ clean-libtool:
 
 .texi.dvi:
 	TEXINPUTS="$(am__TEXINFO_TEX_DIR)$(PATH_SEPARATOR)$$TEXINPUTS" \
@ -18,7 +18,7 @@ $OpenBSD: patch-doc_Makefile_in,v 1.7 2010/09/24 09:30:04 sthen Exp $
 	$(TEXI2DVI) $<
 
 .texi.pdf:
-@@ -749,7 +750,7 @@ install-info-am: $(INFO_DEPS)
+@@ -748,7 +749,7 @@ install-info-am: $(INFO_DEPS)
 	  case $$file in \
 	    $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \
 	  esac; \
--- a/net/quagga/patches/patch-ospfd_ospf_lsa_h
+++ b/net/quagga/patches/patch-ospfd_ospf_lsa_h
@ -0,0 +1,17 @@
+$OpenBSD: patch-ospfd_ospf_lsa_h,v 1.1 2011/03/26 12:00:53 sthen Exp $
+
+ospfd: Compile fix for opaque support
+http://code.quagga.net/cgi-bin/gitweb.cgi?p=quagga.git;a=commitdiff;h=d71ea65270408a45e4bec036671ec73b24b994b4
+
+--- ospfd/ospf_lsa.h.orig	Mon Mar 21 11:09:13 2011
+++ ospfd/ospf_lsa.h	Sat Mar 26 11:18:46 2011
+@@ -114,6 +114,9 @@ struct ospf_lsa
+ 
+   /* Refreshement List or Queue */
+   int refresh_list;
+  
+  /* For Type-9 Opaque-LSAs */
+  struct ospf_interface *oi;
+ };
+ 
+ /* OSPF LSA Link Type. */
--- a/net/quagga/patches/patch-ospfd_ospf_nsm_c
+++ b/net/quagga/patches/patch-ospfd_ospf_nsm_c
@ -0,0 +1,16 @@
+$OpenBSD: patch-ospfd_ospf_nsm_c,v 1.1 2011/03/26 12:00:53 sthen Exp $
+
+ospfd: Compile fix for opaque support
+http://code.quagga.net/cgi-bin/gitweb.cgi?p=quagga.git;a=commitdiff;h=d71ea65270408a45e4bec036671ec73b24b994b4
+
+--- ospfd/ospf_nsm.c.orig	Mon Mar 21 09:43:52 2011
+++ ospfd/ospf_nsm.c	Sat Mar 26 11:18:46 2011
+@@ -216,7 +216,7 @@ ospf_db_summary_add (struct ospf_neighbor *nbr, struct
+     {
+     case OSPF_OPAQUE_LINK_LSA:
+       /* Exclude type-9 LSAs that does not have the same "oi" with "nbr". */
+-      if (lsa->oi != nbr->oi)
+      if (nbr->oi && ospf_if_exists (lsa->oi) != nbr->oi)
+           return 0;
+       break;
+     case OSPF_OPAQUE_AREA_LSA:
--- a/net/quagga/patches/patch-ospfd_ospf_opaque_c
+++ b/net/quagga/patches/patch-ospfd_ospf_opaque_c
@ -0,0 +1,53 @@
+$OpenBSD: patch-ospfd_ospf_opaque_c,v 1.1 2011/03/26 12:00:53 sthen Exp $
+
+ospfd: Compile fix for opaque support
+http://code.quagga.net/cgi-bin/gitweb.cgi?p=quagga.git;a=commitdiff;h=d71ea65270408a45e4bec036671ec73b24b994b4
+
+--- ospfd/ospf_opaque.c.orig	Mon Mar 21 09:43:52 2011
+++ ospfd/ospf_opaque.c	Sat Mar 26 11:18:46 2011
+@@ -251,7 +251,7 @@ struct ospf_opaque_functab
+   void (* config_write_debug )(struct vty *vty);
+   void (* show_opaque_info   )(struct vty *vty, struct ospf_lsa *lsa);
+   int  (* lsa_originator)(void *arg);
+-  void (* lsa_refresher )(struct ospf_lsa *lsa);
+  struct ospf_lsa *(* lsa_refresher )(struct ospf_lsa *lsa);
+   int (* new_lsa_hook)(struct ospf_lsa *lsa);
+   int (* del_lsa_hook)(struct ospf_lsa *lsa);
+ };
+@@ -354,7 +354,7 @@ ospf_register_opaque_functab (
+   void (* config_write_debug )(struct vty *vty),
+   void (* show_opaque_info   )(struct vty *vty, struct ospf_lsa *lsa),
+   int  (* lsa_originator)(void *arg),
+-  void (* lsa_refresher )(struct ospf_lsa *lsa),
+  struct ospf_lsa *(* lsa_refresher )(struct ospf_lsa *lsa),
+   int (* new_lsa_hook)(struct ospf_lsa *lsa),
+   int (* del_lsa_hook)(struct ospf_lsa *lsa))
+ {
+@@ -1608,12 +1608,13 @@ out:
+   return new;
+ }
+ 
+-void
+struct ospf_lsa *
+ ospf_opaque_lsa_refresh (struct ospf_lsa *lsa)
+ {
+   struct ospf *ospf;
+   struct ospf_opaque_functab *functab;
+-
+  struct ospf_lsa *new = NULL;
+  
+   ospf = ospf_lookup ();
+ 
+   if ((functab = ospf_opaque_functab_lookup (lsa)) == NULL
+@@ -1633,9 +1634,9 @@ ospf_opaque_lsa_refresh (struct ospf_lsa *lsa)
+       ospf_lsa_flush (ospf, lsa);
+     }
+   else
+-    (* functab->lsa_refresher)(lsa);
+    new = (* functab->lsa_refresher)(lsa);
+ 
+-  return;
+  return new;
+ }
+ 
+ /*------------------------------------------------------------------------*
--- a/net/quagga/patches/patch-ospfd_ospf_opaque_h
+++ b/net/quagga/patches/patch-ospfd_ospf_opaque_h
@ -0,0 +1,25 @@
+$OpenBSD: patch-ospfd_ospf_opaque_h,v 1.1 2011/03/26 12:00:53 sthen Exp $
+
+ospfd: Compile fix for opaque support
+http://code.quagga.net/cgi-bin/gitweb.cgi?p=quagga.git;a=commitdiff;h=d71ea65270408a45e4bec036671ec73b24b994b4
+
+--- ospfd/ospf_opaque.h.orig	Mon Mar 21 09:43:52 2011
+++ ospfd/ospf_opaque.h	Sat Mar 26 11:18:46 2011
+@@ -120,7 +120,7 @@ ospf_register_opaque_functab (
+   void (* config_write_debug )(struct vty *vty),
+   void (* show_opaque_info   )(struct vty *vty, struct ospf_lsa *lsa),
+   int  (* lsa_originator)(void *arg),
+-  void (* lsa_refresher )(struct ospf_lsa *lsa),
+  struct ospf_lsa *(* lsa_refresher )(struct ospf_lsa *lsa),
+   int (* new_lsa_hook)(struct ospf_lsa *lsa),
+   int (* del_lsa_hook)(struct ospf_lsa *lsa)
+ );
+@@ -143,7 +143,7 @@ extern void ospf_opaque_lsa_originate_schedule (struct
+ 						int *init_delay);
+ extern struct ospf_lsa *ospf_opaque_lsa_install (struct ospf_lsa *,
+ 						 int rt_recalc);
+-extern void ospf_opaque_lsa_refresh (struct ospf_lsa *lsa);
+extern struct ospf_lsa *ospf_opaque_lsa_refresh (struct ospf_lsa *lsa);
+ 
+ extern void ospf_opaque_lsa_reoriginate_schedule (void *lsa_type_dependent,
+ 						  u_char lsa_type,
--- a/net/quagga/pkg/PLIST
+++ b/net/quagga/pkg/PLIST
@ -1,4 +1,4 @@
-@comment $OpenBSD: PLIST,v 1.9 2009/02/18 00:37:53 sthen Exp $
+@comment $OpenBSD: PLIST,v 1.10 2011/03/26 12:00:53 sthen Exp $
@conflict zebra-*
@newgroup _quagga:525
@newuser _quagga:525:_quagga:daemon:Quagga Account:/nonexistent:/sbin/nologin
@ -54,6 +54,7 @@ include/quagga/quagga/workqueue.h
 include/quagga/quagga/zassert.h
 include/quagga/quagga/zclient.h
 include/quagga/quagga/zebra.h
+@info info/quagga.info
 lib/libospf.a
 lib/libospf.la
 lib/libzebra.a