Index: branches/2015Q4/devel/subversion17/Makefile.common =================================================================== --- branches/2015Q4/devel/subversion17/Makefile.common (revision 403812) +++ branches/2015Q4/devel/subversion17/Makefile.common (revision 403813) @@ -1,132 +1,136 @@ # Created by: rooneg@electricjellyfish.net # $FreeBSD$ PORTNAME= subversion PORTVERSION= 1.7.22 -PORTREVISION?= 0 +PORTREVISION?= 1 CATEGORIES+= devel MASTER_SITES= APACHE/subversion DIST_SUBDIR= subversion17 -PKGNAMESUFFIX= 17 +#PKGNAMESUFFIX= 17 + +DEPRECATED= See https://subversion.apache.org/docs/release-notes/1.9.html#svn-1.7-deprecation +EXPIRATION_DATE=2015-12-29 + USE_KDE4= # Used below if KWallet support is enabled GNU_CONFIGURE= yes USES+= tar:bzip2 pkgconfig libtool cpe LICENSE= APACHE20 CPE_VENDOR= apache CONFLICTS_INSTALL+= ${PKGNAMEPREFIX}${PORTNAME}${PKGNAMESUFFIX}-1.[^7].[0-9]* LIB_DEPENDS+= libapr-1.so:${PORTSDIR}/devel/apr1 \ libsqlite3.so:${PORTSDIR}/databases/sqlite3 \ libexpat.so:${PORTSDIR}/textproc/expat2 CONFIGURE_ARGS+= --without-swig \ --with-ssl \ --with-sqlite=${LOCALBASE} \ --with-expat=${LOCALBASE}/include:${LOCALBASE}/lib:expat .if defined(SVN_BUILD_BINDINGS) CONFLICTS_BUILD+= ${PORTNAME}-1.[^7].[0-9]* LIB_DEPENDS+= libsvn_client-1.so:${PORTSDIR}/devel/subversion17 OPTIONS_NAME= devel_subversion17 .endif # =============================================================== OPTIONS_SUB= yes #BDB_CONFIGURE_OFF= --with-berkeley-db=no BDB_USE= BDB=42+ GNOME_KEYRING_CONFIGURE_OFF= --without-gnome-keyring GNOME_KEYRING_CONFIGURE_ON= --with-gnome-keyring GNOME_KEYRING_LIB_DEPENDS= libgcr.so:${PORTSDIR}/security/gnome-keyring KDE_KWALLET_CONFIGURE_OFF= --without-kwallet KDE_KWALLET_CONFIGURE_ON= --with-kwallet=${KDE4_PREFIX} KDE_KWALLET_USE= KDE4=kdelibs,runtime MAINTAINER_DEBUG_CFLAGS= -g MAINTAINER_DEBUG_CONFIGURE_ON= --enable-maintainer-mode --enable-debug MOD_DAV_SVN_CONFIGURE_OFF= --with-apxs=no MOD_DAV_SVN_CONFIGURE_ON= --with-apxs=${APXS} MOD_DAV_SVN_USE= APACHE=22+ NEON_CONFIGURE_OFF= --without-neon NEON_CONFIGURE_ON= --with-neon=${LOCALBASE} NEON_LIB_DEPENDS= libneon.so:${PORTSDIR}/www/neon NLS_CONFIGURE_OFF= --disable-nls NLS_USES= gettext SASL_CONFIGURE_OFF= --without-sasl SASL_CONFIGURE_ON= --with-sasl=${LOCALBASE} SASL_LIB_DEPENDS= libsasl2.so:${PORTSDIR}/security/cyrus-sasl2 SERF_CONFIGURE_OFF= --without-serf SERF_CONFIGURE_ON= --with-serf=${LOCALBASE} SERF_LIB_DEPENDS= libserf-1.so:${PORTSDIR}/www/serf STATIC_CONFIGURE_ON= --enable-all-static # =============================================================== .include .if ${PORT_OPTIONS:MKDE_KWALLET} && !${PORT_OPTIONS:MNLS} IGNORE= KWallet requires OPTION NLS set to ON .endif APR_CONFIG= ${LOCALBASE}/bin/apr-1-config APU_CONFIG= ${LOCALBASE}/bin/apu-1-config CONFIGURE_ARGS+=--with-apr=${APR_CONFIG} --with-apr-util=${APU_CONFIG} .if ${ARCH} == "amd64" || ${ARCH} == "ia64" CFLAGS+= -fpic -DPIC .endif .if ${PORT_OPTIONS:MFREEBSD_TEMPLATE} && defined(ORGANIZATION) CFLAGS+= -DHAS_ORGANIZATION_NAME .endif # unbreak py-subversion .if !${PORT_OPTIONS:MBDB} CONFIGURE_ARGS+= --with-berkeley-db=no .endif .include pre-everything:: .if defined(SVN_BUILD_BINDINGS) .if ${PORT_OPTIONS:MSTATIC} @${ECHO_MSG} "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" @${ECHO_MSG} "!!! bindings and static build are not compatible !!!" @${ECHO_MSG} "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" @${FALSE} .endif .endif post-patch: .if ${PREFIX} != "/usr" @${REINPLACE_CMD} "s#/etc/subversion#${ETCDIR}#g" ${WRKSRC}/subversion/libsvn_subr/config_file.c @${REINPLACE_CMD} "s#/etc/subversion#${ETCDIR}#g" ${WRKSRC}/subversion/libsvn_subr/config_impl.h .endif @${REINPLACE_CMD} "s#^swig_pydir =.*#swig_pydir = ${PYTHON_SITELIBDIR}/libsvn#" ${WRKSRC}/Makefile.in @${REINPLACE_CMD} "s#^swig_pydir_extra =.*#swig_pydir_extra = ${PYTHON_SITELIBDIR}/svn#" ${WRKSRC}/Makefile.in .if defined(SVN_BUILD_BINDINGS) ${CP} ${FILESDIR}/build-outputs.mk.addons ${WRKSRC} .endif .if ${PORT_OPTIONS:MFREEBSD_TEMPLATE} && defined(ORGANIZATION) @${ECHO_CMD} "#define ORGANIZATION_NAME \"${ORGANIZATION}\"" > ${WRKSRC}/subversion/freebsd-organization.h .endif # shebangfix @${GREP} -Rl -e '#!/bin/b' -e '#!/bin/env' -e '#!/usr/bin/p' ${WRKSRC}/tools/ \ | ${XARGS} ${REINPLACE_CMD} -e '1s|#\!/bin/b|#\!/usr/local/bin/b|' \ -e '1s|#\!/bin/env|#\!/usr/bin/env|' \ -e '1s|#\!/usr/bin/p|#\!/usr/local/bin/p|' # remove all .bak files to clean the stage @${FIND} ${WRKSRC} -name '*.bak' -delete Index: branches/2015Q4/devel/subversion17/files/220_subversion.conf.sample.in =================================================================== --- branches/2015Q4/devel/subversion17/files/220_subversion.conf.sample.in (revision 403812) +++ branches/2015Q4/devel/subversion17/files/220_subversion.conf.sample.in (revision 403813) @@ -1,99 +1,104 @@ ## $FreeBSD$ ## vim: set filetype=apache: ## ## module file for subversion ## ## PROVIDE: mod_dav_svn mod_authz_svn mod_dontdothat ## REQUIRE: mod_dav ## make sure the following module is activated (httpd.conf or here) ## LoadModule dav_module %%APACHEMODDIR%%/mod_dav.so ## ========================================================================== ## Subversion modules ## ========================================================================== #LoadModule dav_svn_module %%APACHEMODDIR%%/mod_dav_svn.so #LoadModule authz_svn_module %%APACHEMODDIR%%/mod_authz_svn.so #LoadModule dontdothat_module %%APACHEMODDIR%%/mod_dontdothat.so ## ========================================================================== ## Example multi repo configuration from ## http://svnbook.red-bean.com/ ## ## The Printed book can be ordered from ## http://svnbook.red-bean.com/buy/ ## ## ========================================================================== ## Required apache24 modules for the example below: ## mod_alias mod_auth_digest, mod_authn_core, mod_authn_file, ## mod_authz_core, mod_authz_user, mod_dav ## ## ========================================================================== ## ## The trailing '/' in /svn/ is needed to browse repos with standart browser! ## RedirectMatch ^(/svn)$ $1/ ## ## Tuning: ## KeepAlive on ## MaxKeepAliveRequests 1000 ## ## # http://subversion.apache.org/docs/release-notes/1.7.html#server-performance-tuning ## # Calculate your own values! ## # For mod_dav_svn, a 1GB cache configuration with maximum data coverage looks like this ## ## SVNInMemoryCacheSize 1048576 ## SVNCacheFullTexts on ## SVNCacheTextDeltas on ## ## ## Multiple Repos with Digest auth: ## - AuthName is an arbitrary name that you choose for the authentication ## domain. Most browsers display this name in the dialog box when prompting ## for username and password. ## - AuthType specifies the type of authentication to use. ## - AuthUserFile specifies the location of the password file to use. ## ## ## +## +## RemoveEncoding .gz .tgz .Z +## RemoveType .gz .tgz .Z +## +## ## # Enable Subversion ## DAV svn ## ## # Directory containing all repository for this path ## SVNParentPath /space/svn/ ## ## # List repositories collection ## SVNListParentPath on ## ## # Disable WebDAV automatic versioning ## SVNAutoversioning off ## ## # Return a descriptive name for the repository. ## SVNReposName "Project XYZ repo" ## ## # Anonymous access ## AuthzSVNAnonymous off ## ## # XSL to display files ## SVNIndexXSLT "/style/svnindex.xsl" ## ## # Authentication: Digest ## AuthType Digest ## AuthName "SVN-repo" ## AuthDigestDomain /svn/ http://mirror.my.dom/svn2/ ## ## # You can use the htdigest program to create the password database: ## # htdigest -c "%%APACHEETCDIR%%/svn-auth.passwd" SVN-repo admin ## AuthDigestProvider file ## AuthUserFile %%APACHEETCDIR%%/svn-auth.passwd ## ## # Authorization: Authenticated users only ## Require valid-user ## ## # Do not limit large update requests ## LimitXMLRequestBody 0 ## ## ## ========================================================================== Index: branches/2015Q4/devel/subversion17/files/patch-subversion__mod_dav_svn__util.c =================================================================== --- branches/2015Q4/devel/subversion17/files/patch-subversion__mod_dav_svn__util.c (nonexistent) +++ branches/2015Q4/devel/subversion17/files/patch-subversion__mod_dav_svn__util.c (revision 403813) @@ -0,0 +1,18 @@ +http://subversion.apache.org/security/CVE-2015-5343-advisory.txt +================================================================ +--- subversion/mod_dav_svn/util.c.orig 2013-11-14 21:11:33 UTC ++++ subversion/mod_dav_svn/util.c +@@ -753,7 +753,12 @@ request_body_to_string(svn_string_t **re + + if (content_length) + { +- buf = svn_stringbuf_create_ensure(content_length, pool); ++ /* Do not allocate more than 1 MB until we receive request body. */ ++ apr_size_t alloc_len = 1 * 1024 *1024; ++ if (content_length < alloc_len) ++ alloc_len = (apr_size_t) content_length; ++ ++ buf = svn_stringbuf_create_ensure(alloc_len, pool); + } + else + { Property changes on: branches/2015Q4/devel/subversion17/files/patch-subversion__mod_dav_svn__util.c ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: branches/2015Q4/devel/subversion17/files/pkg-message.in =================================================================== --- branches/2015Q4/devel/subversion17/files/pkg-message.in (revision 403812) +++ branches/2015Q4/devel/subversion17/files/pkg-message.in (revision 403813) @@ -1,2 +1,6 @@ The subversion dav modules are no longer activated in httpd.conf! There is now a dedicated modules file in %%APACHEETCDIR%%/modules.d + +Attention: +subversion17 is deprecated and scheduled for removal! +Please consider updating to subversion 1.8/1.9 Index: branches/2015Q4 =================================================================== --- branches/2015Q4 (revision 403812) +++ branches/2015Q4 (revision 403813) Property changes on: branches/2015Q4 ___________________________________________________________________ Modified: svn:mergeinfo ## -0,0 +0,1 ## Merged /head:r403807