Initial import (#1511435).
This commit is contained in:
Elliott Sales de Andrade
parent
bbda7f209e
commit
d3bc37c2ce
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
/httpuv_1.3.5.tar.gz
|
||||
46
215.patch
Normal file
46
215.patch
Normal file
@ -0,0 +1,46 @@
|
||||
From 2773e1181dfb1e10fc2e3bfd3ffd83c71b730408 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Sa=C3=BAl=20Ibarra=20Corretg=C3=A9?= <saghul@gmail.com>
|
||||
Date: Mon, 10 Feb 2014 17:41:51 +0100
|
||||
Subject: [PATCH] unix: call setgoups before calling setuid/setgid
|
||||
|
||||
Backported from v1.x (66ab389)
|
||||
|
||||
PR-URL: https://github.com/libuv/libuv/pull/215
|
||||
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
|
||||
---
|
||||
src/unix/process.c | 15 +++++++++++++++
|
||||
1 file changed, 15 insertions(+)
|
||||
|
||||
diff --git a/src/unix/process.c b/src/unix/process.c
|
||||
index 19686a291..d1f9440c5 100644
|
||||
--- a/src/unix/process.c
|
||||
+++ b/src/unix/process.c
|
||||
@@ -40,6 +40,10 @@
|
||||
extern char **environ;
|
||||
#endif
|
||||
|
||||
+#ifdef __linux__
|
||||
+# include <grp.h>
|
||||
+#endif
|
||||
+
|
||||
|
||||
static ngx_queue_t* uv__process_queue(uv_loop_t* loop, int pid) {
|
||||
assert(pid > 0);
|
||||
@@ -322,6 +326,17 @@ static void uv__process_child_init(uv_process_options_t options,
|
||||
_exit(127);
|
||||
}
|
||||
|
||||
+ if (options.flags & (UV_PROCESS_SETUID | UV_PROCESS_SETGID)) {
|
||||
+ /* When dropping privileges from root, the `setgroups` call will
|
||||
+ * remove any extraneous groups. If we don't call this, then
|
||||
+ * even though our uid has dropped, we may still have groups
|
||||
+ * that enable us to do super-user things. This will fail if we
|
||||
+ * aren't root, so don't bother checking the return value, this
|
||||
+ * is just done as an optimistic privilege dropping function.
|
||||
+ */
|
||||
+ SAVE_ERRNO(setgroups(0, NULL));
|
||||
+ }
|
||||
+
|
||||
if ((options.flags & UV_PROCESS_SETGID) && setgid(options.gid)) {
|
||||
uv__write_int(error_fd, errno);
|
||||
perror("setgid()");
|
||||
82
R-httpuv.spec
Normal file
82
R-httpuv.spec
Normal file
@ -0,0 +1,82 @@
|
||||
%global packname httpuv
|
||||
%global rlibdir %{_libdir}/R/library
|
||||
|
||||
Name: R-%{packname}
|
||||
Version: 1.3.5
|
||||
Release: 2%{?dist}
|
||||
Summary: HTTP and WebSocket Server Library
|
||||
|
||||
# Main: GPLv3; http-parser & libuv: MIT; sha1: Public Domain
|
||||
License: GPLv3 and MIT and Public Domain
|
||||
URL: https://cran.r-project.org/web/packages/%{packname}/index.html
|
||||
Source0: https://cran.r-project.org/src/contrib/%{packname}_%{version}.tar.gz
|
||||
# https://github.com/libuv/libuv/pull/215; CVE-2015-0278
|
||||
Patch0001: 215.patch
|
||||
|
||||
# Here's the R view of the dependencies world:
|
||||
# Depends: R-methods
|
||||
# Imports: R-Rcpp R-utils
|
||||
# Suggests:
|
||||
# LinkingTo:
|
||||
# Enhances:
|
||||
|
||||
Requires: R-methods
|
||||
Requires: R-Rcpp R-utils
|
||||
BuildRequires: R-devel tex(latex) R-methods
|
||||
BuildRequires: R-Rcpp-devel R-utils
|
||||
# Hopefully will be removable in the next release, which also upgrades the
|
||||
# internal copies.
|
||||
Provides: bundled(http-parser) = 2.0.0
|
||||
Provides: bundled(libuv) = 0.10.13
|
||||
|
||||
%description
|
||||
Provides low-level socket and protocol support for handling HTTP and
|
||||
WebSocket requests directly from within R. It is primarily intended as a
|
||||
building block for other packages, rather than making it particularly easy
|
||||
to create complete web applications using httpuv alone. httpuv is built on
|
||||
top of the libuv and http-parser C libraries, both of which were developed
|
||||
by Joyent, Inc.
|
||||
|
||||
|
||||
%prep
|
||||
%setup -q -c -n %{packname}
|
||||
pushd %{packname}/src/libuv
|
||||
%patch0001 -p1
|
||||
popd
|
||||
|
||||
|
||||
%build
|
||||
|
||||
|
||||
%install
|
||||
mkdir -p %{buildroot}%{rlibdir}
|
||||
%{_bindir}/R CMD INSTALL -l %{buildroot}%{rlibdir} %{packname}
|
||||
test -d %{packname}/src && (cd %{packname}/src; rm -f *.o *.so)
|
||||
rm -f %{buildroot}%{rlibdir}/R.css
|
||||
|
||||
|
||||
%check
|
||||
%{_bindir}/R CMD check %{packname}
|
||||
|
||||
|
||||
%files
|
||||
%dir %{rlibdir}/%{packname}
|
||||
%doc %{rlibdir}/%{packname}/html
|
||||
%{rlibdir}/%{packname}/DESCRIPTION
|
||||
%license %{rlibdir}/%{packname}/LICENSE
|
||||
%doc %{rlibdir}/%{packname}/NEWS
|
||||
%{rlibdir}/%{packname}/INDEX
|
||||
%{rlibdir}/%{packname}/NAMESPACE
|
||||
%{rlibdir}/%{packname}/Meta
|
||||
%{rlibdir}/%{packname}/R
|
||||
%{rlibdir}/%{packname}/help
|
||||
%{rlibdir}/%{packname}/demo
|
||||
%{rlibdir}/%{packname}/libs
|
||||
|
||||
|
||||
%changelog
|
||||
* Thu Nov 09 2017 Elliott Sales de Andrade <quantum.analyst@gmail.com> 1.3.5-2
|
||||
- Apply patch for CVE-2015-0278
|
||||
|
||||
* Tue Oct 31 2017 Elliott Sales de Andrade <quantum.analyst@gmail.com> 1.3.5-1
|
||||
- initial package for Fedora
|
||||
Loading…
Reference in New Issue
Block a user