pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/net/zeromq zeromq: updated to 4.3.2



details:   https://anonhg.NetBSD.org/pkgsrc/rev/c7e36270c7d8
branches:  trunk
changeset: 337605:c7e36270c7d8
user:      adam <adam%pkgsrc.org@localhost>
date:      Fri Aug 09 12:01:34 2019 +0000

description:
zeromq: updated to 4.3.2

libzmq 4.3.2

CVE-2019-13132: a remote, unauthenticated client connecting to a
libzmq application, running with a socket listening with CURVE
encryption/authentication enabled, may cause a stack overflow and
overwrite the stack with arbitrary data, due to a buffer overflow in
the library. Users running public servers with the above configuration
are highly encouraged to upgrade as soon as possible, as there are no
known mitigations. All versions from 4.0.0 and upwards are affected.
Thank you Fang-Pen Lin for finding the issue and reporting it!

New DRAFT (see NEWS for 4.2.0) zmq_socket_monitor_versioned API that supports
a versioned monitoring events protocol as a parameter. Passing 1 results in
the same behaviour as zmq_socket_monitor.
Version 2 of the events protocol allows new events, new metadata, different
socket types for the monitors and more. It is described in details in
doc/zmq_socket_monitor_versioned.txt

New DRAFT (see NEWS for 4.2.0) zmq_socket_monitor_pipes_stats that triggers
a new ZMQ_EVENT_PIPES_STATS to be delivered via zmq_socket_monitor_versioned
v2 API, which contains the current status of all the queues owned by the
monitored socket. See doc/zmq_socket_monitor_versioned.txt for details.

New DRAFT (see NEWS for 4.2.0) zmq_poller_fd that returns the FD of a thread
safe socket. See doc/zmq_poller.txt for details.

New DRAFT (see NEWS for 4.2.0) socket options:

ZMQ_XPUB_MANUAL_LAST_VALUE is similar to ZMQ_XPUB_MANUAL but allows to avoid
duplicates when using last value caching.
ZMQ_SOCKS_USERNAME and ZMQ_SOCKS_PASSWORD that implement SOCKS5 proxy
authentication.
See doc/zmq_setsockopt.txt and doc/zmq_getsockopt.txt for details.
Implemented background thread names for Windows, when the Visual Studio
debugger is being used.

Fixed 3358 - test_security_zap failing due to SIGBUS on SPARC64, hard-coded
IPC socket binds in tests cause race conditions

Fixed 3361 - enabling GSSAPI support (when using autools) does not work due
to regression introduced in 4.2.3

Fixed 3362 - remove documentation for ZMQ_THREAD_PRIORITY context option
getter, it's not implemented

Fixed 3363 - tests fail to build due to stricter compiler printf validation
in new versions of GCC

Fixed 3367 - try to infer cacheline size at build time, first with
getconf LEVEL1_DCACHE_LINESIZE, and then by reading
/sys/devices/system/cpu/cpu0/cache/index0/coherency_line_size
(autoconf only), and only then falling back to the previous
default of 64 bytes. Avoids false sharing on POWER and s390x.
Import ax_func_posix_memalign.m4 as a more reliable check for
posix_memalign presence on some unix platforms.
Prefer c++11 atomic primitives to compiler intrinsics, when
both are available, as the former is more reliable.
Set test_pair_ipc and test_rebind_ipc to XFAIL on GNU/Hurd due
to non-functioning getsockname on AF_UNIX.

Fixed 3370 - Make queue length and HWM state observable

Fixed 3373 - performance regression in zmq_poll on CentOS 6/7

Fixed 3375 - assign names to all pthreads created by the library to ease
debugging

Fixed 3376 - assigned random TIPC port is not returned by ZMQ_LAST_ENDPOINT

Fixed 3385 - TCP port in ZMQ_LAST_ENDPOINT depends on global locale

Fixed 3404 - use std::condition_variable_any when possible

Fixed 3436 - reconnect interval exponential backoff and may lead to integer
overflows

Fixed 3440 - improve zmq_proxy performance by batching of up to 1000
consecutive messages (if any) and add perf/proxy_thr tool

Fixed 3451 - fix support of /dev/poll on Solaris

Fixed 3452 - strnlen may not be available

Fixed 1462 - test failure in test_filter_ipc due to invalid system groups

Fixed 3269 - Boost.ASIO integration stopped working with v4.3.0

Fixed 3479 - ZeroMQ does not build for QNX 6.6 with CMake

Fixed 3481 - add include to fix uClibc++ compilation

Fixed 3491 - build broken on Fedora 30

Fixed 3494 - ZeroMQConfig.cmake fails if shared libraries are not built

Fixed 3498 - syntax error on Windows related to socket descriptor type

Fixed 3500 - PLAIN HELLO message incorrectly uses WELCOME literal, regression
introduced in 4.3.0

Fixed 3517 - configure errors because of syntax errors in the use of test
shell command

Fixed 3521 - document how to achieve high performance with the PGM transport

Fixed 3526 - failure case behavior unclear in zmq_msg_send documentation

Fixed 3537 - fix build on z/OS by using pthread_equal instead of comparing
variables directly

Fixed 3546 - CMake links with librt on MinGW which is not available

Many coding style, duplication, testing and static analysis improvements.

diffstat:

 net/zeromq/Makefile                            |   4 +-
 net/zeromq/PLIST                               |   3 +-
 net/zeromq/distinfo                            |  15 ++---
 net/zeromq/patches/patch-configure             |  64 --------------------------
 net/zeromq/patches/patch-src_ipc__listener.cpp |  14 ++--
 net/zeromq/patches/patch-src_tcp__listener.cpp |   6 +-
 6 files changed, 21 insertions(+), 85 deletions(-)

diffs (163 lines):

diff -r d1c0e0c06fc4 -r c7e36270c7d8 net/zeromq/Makefile
--- a/net/zeromq/Makefile       Fri Aug 09 09:07:00 2019 +0000
+++ b/net/zeromq/Makefile       Fri Aug 09 12:01:34 2019 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.30 2019/02/14 13:04:37 adam Exp $
+# $NetBSD: Makefile,v 1.31 2019/08/09 12:01:34 adam Exp $
 
-DISTNAME=      zeromq-4.3.1
+DISTNAME=      zeromq-4.3.2
 CATEGORIES=    net devel
 MASTER_SITES=  ${MASTER_SITE_GITHUB:=zeromq/}
 GITHUB_PROJECT=        libzmq
diff -r d1c0e0c06fc4 -r c7e36270c7d8 net/zeromq/PLIST
--- a/net/zeromq/PLIST  Fri Aug 09 09:07:00 2019 +0000
+++ b/net/zeromq/PLIST  Fri Aug 09 12:01:34 2019 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.9 2019/02/14 13:04:37 adam Exp $
+@comment $NetBSD: PLIST,v 1.10 2019/08/09 12:01:34 adam Exp $
 bin/curve_keygen
 include/zmq.h
 include/zmq_utils.h
@@ -52,6 +52,7 @@
 man/man3/zmq_setsockopt.3
 man/man3/zmq_socket.3
 man/man3/zmq_socket_monitor.3
+man/man3/zmq_socket_monitor_versioned.3
 man/man3/zmq_strerror.3
 man/man3/zmq_timers.3
 man/man3/zmq_unbind.3
diff -r d1c0e0c06fc4 -r c7e36270c7d8 net/zeromq/distinfo
--- a/net/zeromq/distinfo       Fri Aug 09 09:07:00 2019 +0000
+++ b/net/zeromq/distinfo       Fri Aug 09 12:01:34 2019 +0000
@@ -1,9 +1,8 @@
-$NetBSD: distinfo,v 1.28 2019/02/14 13:04:37 adam Exp $
+$NetBSD: distinfo,v 1.29 2019/08/09 12:01:34 adam Exp $
 
-SHA1 (zeromq-4.3.1.tar.gz) = 6cce22d830eaf95feff7cab00744df13ad7ab7f3
-RMD160 (zeromq-4.3.1.tar.gz) = 43e14ed3c0ca6f7de39cbc74f206e700bb469c39
-SHA512 (zeromq-4.3.1.tar.gz) = b80388a3703993425cdd73054139a8e2895aedb9992ea68d6eadb4ea39b9af576ea14f306dfb432e4c24535feb6b293f82fac5679b655d258f0f921f2b71e772
-Size (zeromq-4.3.1.tar.gz) = 1490122 bytes
-SHA1 (patch-configure) = b0e3d865b3eddf93461aff6674a64c7cc9fc1f01
-SHA1 (patch-src_ipc__listener.cpp) = fdaa86b9c13b5c3f7e9dff3934085a4138fac279
-SHA1 (patch-src_tcp__listener.cpp) = e09f1df0f1c117a317a8a731404daf84f2996700
+SHA1 (zeromq-4.3.2.tar.gz) = e5253bff214f77621b3d29443f1aa6e5a106ffe5
+RMD160 (zeromq-4.3.2.tar.gz) = 01621ad7d28f7eb2de939441bd1b4f2c21fb3663
+SHA512 (zeromq-4.3.2.tar.gz) = b6251641e884181db9e6b0b705cced7ea4038d404bdae812ff47bdd0eed12510b6af6846b85cb96898e253ccbac71eca7fe588673300ddb9c3109c973250c8e4
+Size (zeromq-4.3.2.tar.gz) = 1697442 bytes
+SHA1 (patch-src_ipc__listener.cpp) = 08b79008e5c331e6cb603244a91abddc55454678
+SHA1 (patch-src_tcp__listener.cpp) = 8960a2f5e4d59aa8e4e5fd29a4770e9d1b04a21a
diff -r d1c0e0c06fc4 -r c7e36270c7d8 net/zeromq/patches/patch-configure
--- a/net/zeromq/patches/patch-configure        Fri Aug 09 09:07:00 2019 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,64 +0,0 @@
-$NetBSD: patch-configure,v 1.7 2019/02/14 13:04:37 adam Exp $
-
-Portability fixes.
-
---- configure.orig     2019-01-12 16:18:01.000000000 +0000
-+++ configure
-@@ -19450,7 +19450,7 @@ if test "${enable_address_sanitizer+set}
- fi
- 
- 
--if test "x${ZMQ_ASAN}" == "xyes"; then
-+if test "x${ZMQ_ASAN}" = "xyes"; then
-     CFLAGS="${CFLAGS} -fsanitize=address"
-     CXXFLAGS="${CXXFLAGS} -fsanitize=address"
- 
-@@ -20853,12 +20853,12 @@ if test "${with_api_poller+set}" = set; 
- fi
- 
- 
--    if test "x$with_poller" == "x"; then
-+    if test "x$with_poller" = "x"; then
-         pollers=auto
-     else
-         pollers=$with_poller
-     fi
--    if test "$pollers" == "auto"; then
-+    if test "$pollers" = "auto"; then
-         # We search for pollers in this order
-         pollers="kqueue epoll devpoll pollset poll select"
-     fi
-@@ -21297,13 +21297,13 @@ $as_echo "#define ZMQ_IOTHREAD_POLLER_US
-     if test $poller_found -eq 0; then
-         as_fn_error $? "None of '$pollers' are valid pollers on this platform" "$LINENO" 5
-     fi
--    if test "x$with_api_poller" == "x"; then
-+    if test "x$with_api_poller" = "x"; then
-         with_api_poller=auto
-     fi
--      if test "x$with_api_poller" == "xauto"; then
--              if test $poller == "select"; then
-+      if test "x$with_api_poller" = "xauto"; then
-+              if test $poller = "select"; then
-                       api_poller=select
--              elif test $poller == "wepoll"; then
-+              elif test $poller = "wepoll"; then
-                       api_poller=select
-               else
-                       api_poller=poll
-@@ -21311,13 +21311,13 @@ $as_echo "#define ZMQ_IOTHREAD_POLLER_US
-       else
-               api_poller=$with_api_poller
-       fi
--      if test "$api_poller" == "select"; then
-+      if test "$api_poller" = "select"; then
-               { $as_echo "$as_me:${as_lineno-$LINENO}: Using 'select' zmq_poll(er)_* API polling system" >&5
- $as_echo "$as_me: Using 'select' zmq_poll(er)_* API polling system" >&6;}
- 
- $as_echo "#define ZMQ_POLL_BASED_ON_SELECT 1" >>confdefs.h
- 
--      elif test "$api_poller" == "poll"; then
-+      elif test "$api_poller" = "poll"; then
-               { $as_echo "$as_me:${as_lineno-$LINENO}: Using 'poll' zmq_poll(er)_* API polling system" >&5
- $as_echo "$as_me: Using 'poll' zmq_poll(er)_* API polling system" >&6;}
- 
diff -r d1c0e0c06fc4 -r c7e36270c7d8 net/zeromq/patches/patch-src_ipc__listener.cpp
--- a/net/zeromq/patches/patch-src_ipc__listener.cpp    Fri Aug 09 09:07:00 2019 +0000
+++ b/net/zeromq/patches/patch-src_ipc__listener.cpp    Fri Aug 09 12:01:34 2019 +0000
@@ -1,18 +1,18 @@
-$NetBSD: patch-src_ipc__listener.cpp,v 1.3 2018/01/13 18:22:42 adam Exp $
+$NetBSD: patch-src_ipc__listener.cpp,v 1.4 2019/08/09 12:01:34 adam Exp $
 
 NetBSD<8 has SOCK_CLOEXEC -- but uses it with paccept, not accept4
 
---- src/ipc_listener.cpp.orig  2017-12-13 13:37:08.000000000 +0000
+--- src/ipc_listener.cpp.orig  2019-07-08 16:19:27.000000000 +0000
 +++ src/ipc_listener.cpp
-@@ -383,7 +383,11 @@ zmq::fd_t zmq::ipc_listener_t::accept ()
+@@ -350,7 +350,11 @@ zmq::fd_t zmq::ipc_listener_t::accept ()
      //  resources is considered valid and treated by ignoring the connection.
-     zmq_assert (s != retired_fd);
+     zmq_assert (_s != retired_fd);
  #if defined ZMQ_HAVE_SOCK_CLOEXEC && defined HAVE_ACCEPT4
 +#if defined(__NetBSD__)
-+    fd_t sock = ::paccept (s, NULL, NULL, NULL, SOCK_CLOEXEC);
++    fd_t sock = ::paccept (_s, NULL, NULL, NULL, SOCK_CLOEXEC);
 +#else
-     fd_t sock = ::accept4 (s, NULL, NULL, SOCK_CLOEXEC);
+     fd_t sock = ::accept4 (_s, NULL, NULL, SOCK_CLOEXEC);
 +#endif
  #else
-     fd_t sock = ::accept (s, NULL, NULL);
+     fd_t sock = ::accept (_s, NULL, NULL);
  #endif
diff -r d1c0e0c06fc4 -r c7e36270c7d8 net/zeromq/patches/patch-src_tcp__listener.cpp
--- a/net/zeromq/patches/patch-src_tcp__listener.cpp    Fri Aug 09 09:07:00 2019 +0000
+++ b/net/zeromq/patches/patch-src_tcp__listener.cpp    Fri Aug 09 12:01:34 2019 +0000
@@ -1,10 +1,10 @@
-$NetBSD: patch-src_tcp__listener.cpp,v 1.4 2019/02/14 13:04:37 adam Exp $
+$NetBSD: patch-src_tcp__listener.cpp,v 1.5 2019/08/09 12:01:34 adam Exp $
 
 NetBSD<8 has SOCK_CLOEXEC, but uses it with paccept, not accept4
 
---- src/tcp_listener.cpp.orig  2019-01-12 16:17:39.000000000 +0000
+--- src/tcp_listener.cpp.orig  2019-07-08 16:19:27.000000000 +0000
 +++ src/tcp_listener.cpp
-@@ -291,8 +291,13 @@ zmq::fd_t zmq::tcp_listener_t::accept ()
+@@ -202,8 +202,13 @@ zmq::fd_t zmq::tcp_listener_t::accept ()
      socklen_t ss_len = sizeof (ss);
  #endif
  #if defined ZMQ_HAVE_SOCK_CLOEXEC && defined HAVE_ACCEPT4



Home | Main Index | Thread Index | Old Index