Fixed protobuf-c-text and most warnings

author: Stephan Eisvogel 2017-05-28 18:08:57 +0200
committer: Stephan Eisvogel 2017-05-28 18:08:57 +0200
commit: 6d5a9ff651a4c4fa6933bf2eb2a8c47415234795 (patch)
tree: b476f322eaf2cd405a6b6d2ab37e895d619897b7 /PKGBUILD
parent: 660eeb459aa19f296e479954cd13175553b1e892 (diff)
download: aur-6d5a9ff651a4c4fa6933bf2eb2a8c47415234795.tar.gz
1 files changed, 51 insertions, 11 deletions
diff --git a/PKGBUILD b/PKGBUILD
index dbb8bd18afec..e8118d475d0e 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,16 +1,25 @@
 # Maintainer: Stephan Eisvogel <eisvogel at embinet dot de>
 pkgname=nsjail-git
-pkgver=r426.0585f08
+pkgver=r437.8e00976
 pkgrel=1
 pkgdesc="A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters (with help of the kafel bpf language)"
 arch=('x86_64')
 url="http://nsjail.com"
 license=('Apache')
-makedepends=('git' 'autoconf-archive>2016.03.20' 'doxygen' 're2c' 'check>=0.9.4')
-#depends=('libnl>=3' 'protobuf-c')
-depends=('libnl>=3')
-source=("${pkgname}::git+git://github.com/google/nsjail.git")
-sha256sums=('SKIP')
+makedepends=('git' 'autoconf-archive>2016.03.20' 'doxygen' 'graphviz' 're2c' 'check>=0.9.4')
+depends=('libnl>=3' 'protobuf-c')
+source=("${pkgname}::git+git://github.com/google/nsjail.git#commit=8e00976f4976bb546e669fa2b3a586abba8ef4cd"
+		"https://github.com/trustm3/external_protobuf-c-text/commit/c37f8708d847319921a3fba7d6863103f6b801e2.patch"
+		"https://github.com/trustm3/external_protobuf-c-text/commit/620db2f1a5bf9a1468a2f54ef904977133267aa2.patch"
+		"https://github.com/trustm3/external_protobuf-c-text/commit/ccb50d69f833b4417ba66690a0257a8a64eab6ec.patch"
+		"https://github.com/trustm3/external_protobuf-c-text/commit/b79ba3f1cd350a9ebc4929fa9d63368b460b8877.patch"
+		"https://github.com/trustm3/external_protobuf-c-text/commit/6a8727066180615e7767b550b491e4ef4d0db514.patch")
+sha256sums=('SKIP'
+			'ff97c12f9415cc662fb688111c8bc0e7136ff0fb7651e24eaa80bf10c3d62685'
+			'50cc5cb09e47ddaaf666541e231429311313233a98ead550b1d46ddc0863ef1b'
+			'78b4e3c5d66b7e26e25c91f62f2a3fc599356bddac8cb174a2d708d5fc2d997a'
+			'970a3b464e63f5b544fb5e41f7aa6cee13161f12f79d002086fc2aab6aa765f5'
+			'd9289f5b146a036dfafaa7b0cc6ecca73ab32b454ef1bef5c512874391174df2')
 provides=('nsjail')
 
 pkgver() {
@@ -20,24 +29,55 @@ pkgver() {
 
 prepare() {
 	cd "${srcdir}/${pkgname}"
+
+	# Populate kafel and protobuf-c-text submodules
 	git submodule update --init
+
+	# Package maintainer fixes
+
+	# Fix automake breakage
 	sed -i '/^include am\/aminclude_doxygen.am/c@DX_RULES@' protobuf-c-text/Makefile.am
+	# Fix wrong variable usage
 	sed -i 's/\$(GREP) \/libdata\//\$GREP \/libdata\//' protobuf-c-text/configure.ac
+	# Delete stack protector flag, Arch has its own through makepkg
 	sed -i 's/-fstack-protector-all //' Makefile
+	# Introduce EXTRA_FLAGS to preserve makepkg CFLAGS
+	sed -i '/CC ?= gcc/aEXTRA_CFLAGS := $(CFLAGS)' Makefile
+	# Build protobuf-c-text with with different CFLAGS (libs need PIC instead of PIE etc.)
+	sed -i 's/-fPIC/\$(EXTRA_CFLAGS) -fPIC/' Makefile
+	# Fix bison warning
+	cd kafel
+	sed -i '/if (!ctxt->lexical_error) {/aYYUSE(scanner);' src/parser.y
+	cd ..
+
+	# 3rd party fixes
+
+	cd protobuf-c-text
+	# Added Android.mk file for integration into Android build system and fixed includes
+	patch -Np1 -i "$srcdir/c37f8708d847319921a3fba7d6863103f6b801e2.patch"
+	# Fix wrong integer en- and decoding in protobuf-c-text library
+	patch -Np1 -i "$srcdir/620db2f1a5bf9a1468a2f54ef904977133267aa2.patch"
+	# Added sanity check for size passed to memcpy
+	patch -Np1 -i "$srcdir/ccb50d69f833b4417ba66690a0257a8a64eab6ec.patch"
+	# esc_str: escape with octal as unsigned (buffer overflow otherwise)
+	patch -Np1 -i "$srcdir/b79ba3f1cd350a9ebc4929fa9d63368b460b8877.patch"
+	# Fixes bad mallocs and memcpys caused by invalid input
+	patch -Np1 -i "$srcdir/6a8727066180615e7767b550b491e4ef4d0db514.patch"	
 }
 
 package() {
 	cd "${srcdir}/${pkgname}"
-	# Build without protobuf-c-text support for now, because of build bugs
-	make USE_PROTOBUF=no
+	make
 
 	install -d "${pkgdir}/etc/nsjail"
 	install -d "${pkgdir}/usr/share/${pkgname}/examples"
-	install -Ds nsjail "${pkgdir}/usr/bin/nsjail"
+	install -D nsjail "${pkgdir}/usr/bin/nsjail"
 	install -m644 configs/*.cfg "${pkgdir}/usr/share/${pkgname}/examples"
 	install -m644 LICENSE CONTRIBUTING README.md "${pkgdir}/usr/share/${pkgname}/"
 	echo > "${pkgdir}/etc/nsjail/.placeholder"
 
-	echo -e "\nTip: Your kernel should have CONFIG_USER_NS=y to chroot as a normal user."
-	echo -e "     Verify using e.g. this command: zgrep CONFIG_USER_NS /proc/config.gz\n"
+	echo -e "\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
+	echo -e "Tip: Your kernel should have CONFIG_USER_NS=y to chroot as a normal user."
+	echo -e "     Verify using e.g. this command: zgrep CONFIG_USER_NS /proc/config.gz"
+	echo -e "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n"
 }
author	Stephan Eisvogel	2017-05-28 18:08:57 +0200
committer	Stephan Eisvogel	2017-05-28 18:08:57 +0200
commit	6d5a9ff651a4c4fa6933bf2eb2a8c47415234795 (patch)
tree	b476f322eaf2cd405a6b6d2ab37e895d619897b7 /PKGBUILD
parent	660eeb459aa19f296e479954cd13175553b1e892 (diff)
download	aur-6d5a9ff651a4c4fa6933bf2eb2a8c47415234795.tar.gz