public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #54616 from Mic92/net_snmp

Browse Source 
net_snmp: 5.7.3 -> 5.8
This commit is contained in:
Jörg Thalheim 2019-02-08 20:56:49 +00:00 committed by GitHub
commit d18052fe3e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 22 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
pkgs/servers/monitoring/net-snmp/0002-autoconf-version.patch Normal file
View File

@ -0,0 +1,7 @@
diff --git a/dist/autoconf-version b/dist/autoconf-version
index 264f2ce..5e1b8b0 100644
--- a/dist/autoconf-version
+++ b/dist/autoconf-version
@@ -1 +1 @@
-2.68
+2.69

30
pkgs/servers/monitoring/net-snmp/CVE-2018-18065.patch
View File

@ -1,30 +0,0 @@
commit 7ffb8e25a0db851953155de91f0170e9bf8c457d
Author: Robert Story <rstory@freesnmp.com>
Date: Thu Oct 6 10:43:10 2016 -0400
CHANGES: BUG: 2743: snmpd crashes when receiving a GetNext PDU with multiple Varbinds
skip out-of-range varbinds when calling next handler
diff --git a/agent/helpers/table.c b/agent/helpers/table.c
index 32a08033a..2666638b5 100644
--- a/agent/helpers/table.c
+++ b/agent/helpers/table.c
@@ -340,6 +340,8 @@ table_helper_handler(netsnmp_mib_handler *handler,
else if (reqinfo->mode == MODE_GET)
table_helper_cleanup(reqinfo, request,
SNMP_NOSUCHOBJECT);
+ else
+ request->processed = 1; /* skip if next handler called */
continue;
}
@@ -409,6 +411,8 @@ table_helper_handler(netsnmp_mib_handler *handler,
else if (reqinfo->mode == MODE_GET)
table_helper_cleanup(reqinfo, request,
SNMP_NOSUCHOBJECT);
+ else
+ request->processed = 1; /* skip if next handler called */
continue;
}
/*

35
pkgs/servers/monitoring/net-snmp/default.nix
View File

@ -1,11 +1,11 @@
{ stdenv, fetchurl, fetchpatch, autoreconfHook, file, openssl, perl, unzip }: { stdenv, fetchurl, fetchpatch, autoreconfHook, file, openssl, perl, perlPackages, unzip, nettools, ncurses }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "net-snmp-5.7.3"; name = "net-snmp-5.8";
src = fetchurl { src = fetchurl {
url = "mirror://sourceforge/net-snmp/${name}.zip"; url = "mirror://sourceforge/net-snmp/${name}.tar.gz";
sha256 = "0gkss3zclm23zwpqfhddca8278id7pk6qx1mydpimdrrcndwgpz8"; sha256 = "1pvajzj9gmj56dmwix0ywmkmy2pglh6nny646hkm7ghfhh03bz5j";
}; };
patches = patches =
@ -14,23 +14,11 @@ stdenv.mkDerivation rec {
inherit name sha256; inherit name sha256;
}; };
in [ in [
(fetchAlpinePatch "CVE-2015-5621.patch" "05098jyvd9ddr5q26z7scbbvk1bk6x4agpjm6pyprvpc1zpi0y09")
(fetchAlpinePatch "fix-Makefile-PL.patch" "14ilnkj3cr6mpi242hrmmmv8nv4dj0fdgn42qfk9aa7scwsc0lc7")
(fetchAlpinePatch "fix-includes.patch" "0zpkbb6k366qpq4dax5wknwprhwnhighcp402mlm7950d39zfa3m") (fetchAlpinePatch "fix-includes.patch" "0zpkbb6k366qpq4dax5wknwprhwnhighcp402mlm7950d39zfa3m")
(fetchAlpinePatch "netsnmp-swinst-crash.patch" "0gh164wy6zfiwiszh58fsvr25k0ns14r3099664qykgpmickkqid") (fetchAlpinePatch "netsnmp-swinst-crash.patch" "0gh164wy6zfiwiszh58fsvr25k0ns14r3099664qykgpmickkqid")
(fetchAlpinePatch "remove-U64-typedef.patch" "1msxyhcqkvhqa03dwb50288g7f6nbrcd9cs036m9xc8jdgjb8k8j") ./0002-autoconf-version.patch
./CVE-2018-18065.patch
]; ];
preConfigure =
''
perlarchname=$(perl -e 'use Config; print $Config{archname};')
installFlags="INSTALLSITEARCH=$out/${perl.libPrefix}/${perl.version}/$perlarchname INSTALLSITEMAN3DIR=$out/share/man/man3"
# http://article.gmane.org/gmane.network.net-snmp.user/32434
substituteInPlace "man/Makefile.in" --replace 'grep -vE' '@EGREP@ -v'
'';
configureFlags = configureFlags =
[ "--with-default-snmp-version=3" [ "--with-default-snmp-version=3"
"--with-sys-location=Unknown" "--with-sys-location=Unknown"
@ -38,13 +26,20 @@ stdenv.mkDerivation rec {
"--with-logfile=/var/log/net-snmpd.log" "--with-logfile=/var/log/net-snmpd.log"
"--with-persistent-directory=/var/lib/net-snmp" "--with-persistent-directory=/var/lib/net-snmp"
"--with-openssl=${openssl.dev}" "--with-openssl=${openssl.dev}"
"--disable-embedded-perl"
"--without-perl-modules"
] ++ stdenv.lib.optional stdenv.isLinux "--with-mnttab=/proc/mounts"; ] ++ stdenv.lib.optional stdenv.isLinux "--with-mnttab=/proc/mounts";
nativeBuildInputs = [ autoreconfHook ]; postPatch = ''
buildInputs = [ file perl unzip openssl ]; substituteInPlace testing/fulltests/support/simple_TESTCONF.sh --replace "/bin/netstat" "${nettools}/bin/netstat"
'';
nativeBuildInputs = [ autoreconfHook nettools ];
buildInputs = [ file perl unzip openssl ncurses ];
propagatedBuildInputs = with perlPackages; [ perl JSON Tk TermReadKey ];
enableParallelBuilding = true; enableParallelBuilding = true;
doCheck = false; # fails doCheck = false; # tries to use networking
postInstall = '' postInstall = ''
for f in "$out/lib/"*.la $out/bin/net-snmp-config $out/bin/net-snmp-create-v3-user; do for f in "$out/lib/"*.la $out/bin/net-snmp-config $out/bin/net-snmp-create-v3-user; do