From 2ee9d26b29e4b530359ed0cd793334f5fd0bab0f Mon Sep 17 00:00:00 2001 From: Jeroen Roovers Date: Fri, 2 Mar 2018 11:49:00 +0100 Subject: net-misc/tn5250: Fix building against sys-libs/ncurses[tinfo] (bug #596314). - Drop USE=X (configure: WARNING: unrecognized options: --with-x) - Drop weird build-time only dependency on x11-libs/libXt - Name patches properly. - Add IUSE=static-libs instead of --disable-static - Add linux/Makefile.am patch instead of sedding Makefile.in - Use ltprune.eclass instead of eutils.eclass Package-Manager: Portage-2.3.24, Repoman-2.3.6 --- .../tn5250/files/disable-sslv2-and-sslv3.patch | 61 --------------------- .../files/fix-Wformat-security-warnings.patch | 62 ---------------------- .../tn5250-0.17.4-disable-sslv2-and-sslv3.patch | 61 +++++++++++++++++++++ ...5250-0.17.4-fix-Wformat-security-warnings.patch | 62 ++++++++++++++++++++++ net-misc/tn5250/files/tn5250-0.17.4-tinfo.patch | 10 ++++ net-misc/tn5250/files/tn5250-0.17.4-whoami.patch | 13 +++++ 6 files changed, 146 insertions(+), 123 deletions(-) delete mode 100644 net-misc/tn5250/files/disable-sslv2-and-sslv3.patch delete mode 100644 net-misc/tn5250/files/fix-Wformat-security-warnings.patch create mode 100644 net-misc/tn5250/files/tn5250-0.17.4-disable-sslv2-and-sslv3.patch create mode 100644 net-misc/tn5250/files/tn5250-0.17.4-fix-Wformat-security-warnings.patch create mode 100644 net-misc/tn5250/files/tn5250-0.17.4-tinfo.patch create mode 100644 net-misc/tn5250/files/tn5250-0.17.4-whoami.patch (limited to 'net-misc/tn5250/files') diff --git a/net-misc/tn5250/files/disable-sslv2-and-sslv3.patch b/net-misc/tn5250/files/disable-sslv2-and-sslv3.patch deleted file mode 100644 index 9c8d04f55851..000000000000 --- a/net-misc/tn5250/files/disable-sslv2-and-sslv3.patch +++ /dev/null 
@@ -1,61 +0,0 @@
-From 1acfebd966e8804e6573cbe9287b8b6f028a646c Mon Sep 17 00:00:00 2001
-From: Michael Orlitzky
-Date: Tue, 23 Aug 2016 18:13:47 -0400
-Subject: [PATCH 1/1] sslstream.c: ignore the user's choice of ssl_method.
-
-The SSLv2 and SSLv3 protocols are insecure, and people have begun to
-operate without them. LibreSSL, for example, does not have them
-enabled, and it is possible to build OpenSSL in the same manner.
-
-If SSLv[23] are disabled, the user would not be able to choose "ssl2"
-or "ssl3" as his "ssl_method", an option that was undocumented
-anywhere. Therefore there is not much lost, and some security to gain,
-by removing the option completely. This commit does that, and uses the
-automatic protocol choice that is capable of negotiating TLSv1,
-TLSv1.1 and TLSv1.2.
-
-Gentoo-Bug: 591940
----
- lib5250/sslstream.c | 26 ++++++++++----------------
- 1 file changed, 10 insertions(+), 16 deletions(-)
-
-diff --git a/lib5250/sslstream.c b/lib5250/sslstream.c
-index 7181566..2f91d1a 100644
---- a/lib5250/sslstream.c
-+++ b/lib5250/sslstream.c
-@@ -362,22 +362,16 @@ int tn5250_ssl_stream_init (Tn5250Stream *This)
-
- /* which SSL method do we use? */
-
-- strcpy(methstr,"auto");
-- if (This->config!=NULL && tn5250_config_get (This->config, "ssl_method")) {
-- strncpy(methstr, tn5250_config_get (This->config, "ssl_method"), 4);
-- methstr[4] = '\0';
-- }
--
-- if (!strcmp(methstr, "ssl2")) {
-- meth = SSLv2_client_method();
-- TN5250_LOG(("SSL Method = SSLv2_client_method()\n"));
-- } else if (!strcmp(methstr, "ssl3")) {
-- meth = SSLv3_client_method();
-- TN5250_LOG(("SSL Method = SSLv3_client_method()\n"));
-- } else {
-- meth = SSLv23_client_method();
-- TN5250_LOG(("SSL Method = SSLv23_client_method()\n"));
-- }
-+ /* Ignore the user's choice of ssl_method (which isn't documented
-+ * anyway...) if it was either "ssl2" or "ssl3". Both are insecure,
-+ * and this is only safe supported method left.
-+ *
-+ * This is a Gentoo-specific modification that lets us build
-+ * against LibreSSL and newer OpenSSL with its insecure protocols
-+ * disabled.
-+ */
-+ meth = SSLv23_client_method();
-+ TN5250_LOG(("SSL Method = SSLv23_client_method()\n"));
-
- /* create a new SSL context */
-
---
-2.7.3
-
diff --git a/net-misc/tn5250/files/fix-Wformat-security-warnings.patch b/net-misc/tn5250/files/fix-Wformat-security-warnings.patch
deleted file mode 100644
index 4927bce546f2..000000000000
--- a/net-misc/tn5250/files/fix-Wformat-security-warnings.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-From 1bc9cac45be4bac46f58e325779bdb8c7b7bf502 Mon Sep 17 00:00:00 2001
-From: Michael Orlitzky
-Date: Tue, 23 Aug 2016 20:20:15 -0400
-Subject: [PATCH 1/1] Fix format-security warnings.
-
-Newer versions of GCC have the ability to warn you (or throw errors)
-about insecure format strings. Generally this is due to an omitted
-format string in the printf family of functions, and a few of those
-issues existed in the code base. They were all fixed by adding a
-trivial "%s" format string. The project now builds with
--Werror=format-security.
----
- curses/cursesterm.c | 4 ++--
- lib5250/sslstream.c | 2 +-
- lib5250/telnetstr.c | 2 +-
- 3 files changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/curses/cursesterm.c b/curses/cursesterm.c
-index bf20f05..3032966 100644
---- a/curses/cursesterm.c
-+++ b/curses/cursesterm.c
-@@ -640,9 +640,9 @@ static void curses_terminal_update(Tn5250Terminal * This, Tn5250Display *display
- if(This->data->is_xterm) {
- if (This->data->font_132!=NULL) {
- if (tn5250_display_width (display)>100)
-- printf(This->data->font_132);
-+ printf("%s", This->data->font_132);
- else
-- printf(This->data->font_80);
-+ printf("%s", This->data->font_80);
- }
- printf ("\x1b[8;%d;%dt", tn5250_display_height (display)+1,
- tn5250_display_width (display));
-diff --git a/lib5250/sslstream.c b/lib5250/sslstream.c
-index 2f91d1a..7f3009e 100644
---- a/lib5250/sslstream.c
-+++ b/lib5250/sslstream.c
-@@ -307,7 +307,7 @@ static void ssl_log_SB_buf(unsigned char *buf, int len)
-
- if (!tn5250_logfile)
- return;
-- fprintf(tn5250_logfile,ssl_getTelOpt(type=*buf++));
-+ fprintf(tn5250_logfile,"%s",ssl_getTelOpt(type=*buf++));
- switch (c=*buf++) {
- case IS:
- fputs("",tn5250_logfile);
-diff --git a/lib5250/telnetstr.c b/lib5250/telnetstr.c
-index 9ad2624..cf1576f 100644
---- a/lib5250/telnetstr.c
-+++ b/lib5250/telnetstr.c
-@@ -282,7 +282,7 @@ static void log_SB_buf(unsigned char *buf, int len)
-
- if (!tn5250_logfile)
- return;
-- fprintf(tn5250_logfile,getTelOpt(type=*buf++));
-+ fprintf(tn5250_logfile,"%s",getTelOpt(type=*buf++));
- switch (c=*buf++) {
- case IS:
- fputs("",tn5250_logfile);
---
-2.7.3
-
diff --git a/net-misc/tn5250/files/tn5250-0.17.4-disable-sslv2-and-sslv3.patch b/net-misc/tn5250/files/tn5250-0.17.4-disable-sslv2-and-sslv3.patch
new file mode 100644
index 000000000000..9c8d04f55851
--- /dev/null
+++ b/net-misc/tn5250/files/tn5250-0.17.4-disable-sslv2-and-sslv3.patch
@@ -0,0 +1,61 @@
+From 1acfebd966e8804e6573cbe9287b8b6f028a646c Mon Sep 17 00:00:00 2001
+From: Michael Orlitzky
+Date: Tue, 23 Aug 2016 18:13:47 -0400
+Subject: [PATCH 1/1] sslstream.c: ignore the user's choice of ssl_method.
+
+The SSLv2 and SSLv3 protocols are insecure, and people have begun to
+operate without them. LibreSSL, for example, does not have them
+enabled, and it is possible to build OpenSSL in the same manner.
+
+If SSLv[23] are disabled, the user would not be able to choose "ssl2"
+or "ssl3" as his "ssl_method", an option that was undocumented
+anywhere. Therefore there is not much lost, and some security to gain,
+by removing the option completely. This commit does that, and uses the
+automatic protocol choice that is capable of negotiating TLSv1,
+TLSv1.1 and TLSv1.2.
+
+Gentoo-Bug: 591940
+---
+ lib5250/sslstream.c | 26 ++++++++++----------------
+ 1 file changed, 10 insertions(+), 16 deletions(-)
+
+diff --git a/lib5250/sslstream.c b/lib5250/sslstream.c
+index 7181566..2f91d1a 100644
+--- a/lib5250/sslstream.c
++++ b/lib5250/sslstream.c
+@@ -362,22 +362,16 @@ int tn5250_ssl_stream_init (Tn5250Stream *This)
+
+ /* which SSL method do we use? */
+
+- strcpy(methstr,"auto");
+- if (This->config!=NULL && tn5250_config_get (This->config, "ssl_method")) {
+- strncpy(methstr, tn5250_config_get (This->config, "ssl_method"), 4);
+- methstr[4] = '\0';
+- }
+-
+- if (!strcmp(methstr, "ssl2")) {
+- meth = SSLv2_client_method();
+- TN5250_LOG(("SSL Method = SSLv2_client_method()\n"));
+- } else if (!strcmp(methstr, "ssl3")) {
+- meth = SSLv3_client_method();
+- TN5250_LOG(("SSL Method = SSLv3_client_method()\n"));
+- } else {
+- meth = SSLv23_client_method();
+- TN5250_LOG(("SSL Method = SSLv23_client_method()\n"));
+- }
++ /* Ignore the user's choice of ssl_method (which isn't documented
++ * anyway...) if it was either "ssl2" or "ssl3". Both are insecure,
++ * and this is only safe supported method left.
++ *
++ * This is a Gentoo-specific modification that lets us build
++ * against LibreSSL and newer OpenSSL with its insecure protocols
++ * disabled.
++ */
++ meth = SSLv23_client_method();
++ TN5250_LOG(("SSL Method = SSLv23_client_method()\n"));
+
+ /* create a new SSL context */
+
+--
+2.7.3
+
diff --git a/net-misc/tn5250/files/tn5250-0.17.4-fix-Wformat-security-warnings.patch b/net-misc/tn5250/files/tn5250-0.17.4-fix-Wformat-security-warnings.patch
new file mode 100644
index 000000000000..4927bce546f2
--- /dev/null
+++ b/net-misc/tn5250/files/tn5250-0.17.4-fix-Wformat-security-warnings.patch
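Review bot: In the lib5250/sslstream.c hunk carried by tn5250-0.17.4-disable-sslv2-and-sslv3.patch, `meth = SSLv23_client_method();` on its own does not rule out SSLv3 (or SSLv2 on old OpenSSL releases). That method negotiates whatever versions the linked library still has enabled, so the patch only guarantees TLS when the library itself was built without the legacy protocols. The comment's claim that this is the only safe method left holds for such builds, but not for an OpenSSL that still ships SSLv3. The context creation follows outside the hunk; right after it the context should be restricted explicitly, for example `SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);` (`ctx` is a placeholder, the real variable is not visible here).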
@@ -0,0 +1,62 @@
+From 1bc9cac45be4bac46f58e325779bdb8c7b7bf502 Mon Sep 17 00:00:00 2001
+From: Michael Orlitzky
+Date: Tue, 23 Aug 2016 20:20:15 -0400
+Subject: [PATCH 1/1] Fix format-security warnings.
+
+Newer versions of GCC have the ability to warn you (or throw errors)
+about insecure format strings. Generally this is due to an omitted
+format string in the printf family of functions, and a few of those
+issues existed in the code base. They were all fixed by adding a
+trivial "%s" format string. The project now builds with
+-Werror=format-security.
+---
+ curses/cursesterm.c | 4 ++--
+ lib5250/sslstream.c | 2 +-
+ lib5250/telnetstr.c | 2 +-
+ 3 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/curses/cursesterm.c b/curses/cursesterm.c
+index bf20f05..3032966 100644
+--- a/curses/cursesterm.c
++++ b/curses/cursesterm.c
+@@ -640,9 +640,9 @@ static void curses_terminal_update(Tn5250Terminal * This, Tn5250Display *display
+ if(This->data->is_xterm) {
+ if (This->data->font_132!=NULL) {
+ if (tn5250_display_width (display)>100)
+- printf(This->data->font_132);
++ printf("%s", This->data->font_132);
+ else
+- printf(This->data->font_80);
++ printf("%s", This->data->font_80);
+ }
+ printf ("\x1b[8;%d;%dt", tn5250_display_height (display)+1,
+ tn5250_display_width (display));
+diff --git a/lib5250/sslstream.c b/lib5250/sslstream.c
+index 2f91d1a..7f3009e 100644
+--- a/lib5250/sslstream.c
++++ b/lib5250/sslstream.c
+@@ -307,7 +307,7 @@ static void ssl_log_SB_buf(unsigned char *buf, int len)
+
+ if (!tn5250_logfile)
+ return;
+- fprintf(tn5250_logfile,ssl_getTelOpt(type=*buf++));
++ fprintf(tn5250_logfile,"%s",ssl_getTelOpt(type=*buf++));
+ switch (c=*buf++) {
+ case IS:
+ fputs("",tn5250_logfile);
+diff --git a/lib5250/telnetstr.c b/lib5250/telnetstr.c
+index 9ad2624..cf1576f 100644
+--- a/lib5250/telnetstr.c
++++ b/lib5250/telnetstr.c
+@@ -282,7 +282,7 @@ static void log_SB_buf(unsigned char *buf, int len)
+
+ if (!tn5250_logfile)
+ return;
+- fprintf(tn5250_logfile,getTelOpt(type=*buf++));
++ fprintf(tn5250_logfile,"%s",getTelOpt(type=*buf++));
+ switch (c=*buf++) {
+ case IS:
+ fputs("",tn5250_logfile);
+--
+2.7.3
+
diff --git a/net-misc/tn5250/files/tn5250-0.17.4-tinfo.patch b/net-misc/tn5250/files/tn5250-0.17.4-tinfo.patch
new file mode 100644
index 000000000000..46469c4def8e
--- /dev/null
+++ b/net-misc/tn5250/files/tn5250-0.17.4-tinfo.patch
@@ -0,0 +1,10 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -64,6 +64,7 @@
+ AC_MSG_ERROR([** You need a curses-compatible library installed.])
+ fi
+ fi
++ AC_SEARCH_LIBS(stdscr, tinfo, [CURSES_LIB="$CURSES_LIB -ltinfo"])
+ AC_SUBST([CURSES_LIB])
+ if test "$ac_cv_use_old_keys" != "yes";
+ then
diff --git a/net-misc/tn5250/files/tn5250-0.17.4-whoami.patch b/net-misc/tn5250/files/tn5250-0.17.4-whoami.patch
new file mode 100644
index 000000000000..fbcece25af27
--- /dev/null
+++ b/net-misc/tn5250/files/tn5250-0.17.4-whoami.patch
@@ -0,0 +1,13 @@
+--- a/linux/Makefile.am
++++ b/linux/Makefile.am
+@@ -18,10 +18,6 @@
+ if [ "$$(uname -s)" = "Linux" ]; then \
+ if which tic >/dev/null 2>&1 ; then \
+ if [ "`whoami`" = "root" ]; then \
+- rm -f /usr/share/terminfo/x/xterm-5250 ; \
+- rm -f /usr/share/terminfo/5/5250 ; \
+- rm -f /usr/lib/terminfo/x/xterm-5250 ; \
+- rm -f /usr/lib/terminfo/5/5250 ; \
+ good=yes ; \
+ tic $(srcdir)/5250.terminfo || good=no ; \
+ else \
--
cgit v1.2.3-65-gdbad
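Review bot: tn5250-0.17.4-tinfo.patch has no description header, unlike the two carried patches, so the reason for the added `AC_SEARCH_LIBS(stdscr, tinfo, ...)` line in configure.ac is only recoverable from the commit message. A leading comment in the patch file such as `Link libtinfo when ncurses is built with a separate tinfo library (Gentoo bug #596314).` would keep that context with the patch. Note also that AC_SEARCH_LIBS itself prepends `-ltinfo` to `LIBS` when the symbol is found there, so the library ends up in both `LIBS` and `CURSES_LIB`; that looks harmless but is worth a word in the same comment. The surrounding configure.ac block starts and ends outside the hunk.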
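Review bot: In tn5250-0.17.4-whoami.patch the root branch of the linux/Makefile.am rule still runs `tic $(srcdir)/5250.terminfo`, which compiles the entry into the live system terminfo database rather than under `$(DESTDIR)`. Removing the four `rm -f` lines therefore stops the deletions but not the write outside the install image, and the result still depends on whether `whoami` reports root. Pointing the compiler at the image with `tic -o` and a directory below `$(DESTDIR)`, or doing the terminfo step from the ebuild, would make the install reproducible and keep it from touching system paths. The ebuild is not on this page, so it may already cover this. The patch also has no description header, and the rule's `else` branch continues outside the hunk.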