!1 添加memcached包

Merge pull request !1 from xhming/master
2020-02-19 14:23:08 +08:00 · 2020-02-19 14:23:08 +08:00 · 6b6e40019b
commit 6b6e40019b
parent 932f9b7cda 6e346ce84e
8 changed files with 196 additions and 75 deletions
--- a/README.en.md
+++ b/README.en.md
@ -1,36 +0,0 @@
 # memcached
 #### Description
 {**When you're done, you can delete the content in this README and update the file with details for others getting started with your repository**}
 #### Software Architecture
 Software architecture description
 #### Installation
 1.  xxxx
 2.  xxxx
 3.  xxxx
 #### Instructions
 1.  xxxx
 2.  xxxx
 3.  xxxx
 #### Contribution
 1.  Fork the repository
 2.  Create Feat_xxx branch
 3.  Commit your code
 4.  Create Pull Request
 #### Gitee Feature
 1.  You can use Readme\_XXX.md to support different languages, such as Readme\_en.md, Readme\_zh.md
 2.  Gitee blog [blog.gitee.com](https://blog.gitee.com)
 3.  Explore open source project [https://gitee.com/explore](https://gitee.com/explore)
 4.  The most valuable open source project [GVP](https://gitee.com/gvp)
 5.  The manual of Gitee [https://gitee.com/help](https://gitee.com/help)
 6.  The most popular members  [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/)
--- a/README.md
+++ b/README.md
@ -1,39 +0,0 @@
 # memcached
 #### 介绍
 {**以下是码云平台说明，您可以替换此简介**
 码云是 OSCHINA 推出的基于 Git 的代码托管平台（同时支持 SVN）。专为开发者提供稳定、高效、安全的云端软件开发协作平台
 无论是个人、团队、或是企业，都能够用码云实现代码托管、项目管理、协作开发。企业项目请看 [https://gitee.com/enterprises](https://gitee.com/enterprises)}
 #### 软件架构
 软件架构说明
 #### 安装教程
 1.  xxxx
 2.  xxxx
 3.  xxxx
 #### 使用说明
 1.  xxxx
 2.  xxxx
 3.  xxxx
 #### 参与贡献
 1.  Fork 本仓库
 2.  新建 Feat_xxx 分支
 3.  提交代码
 4.  新建 Pull Request
 #### 码云特技
 1.  使用 Readme\_XXX.md 来支持不同的语言，例如 Readme\_en.md, Readme\_zh.md
 2.  码云官方博客 [blog.gitee.com](https://blog.gitee.com)
 3.  你可以 [https://gitee.com/explore](https://gitee.com/explore) 这个地址来了解码云上的优秀开源项目
 4.  [GVP](https://gitee.com/gvp) 全称是码云最有价值开源项目，是码云综合评定出的优秀开源项目
 5.  码云官方提供的使用手册 [https://gitee.com/help](https://gitee.com/help)
 6.  码云封面人物是一档用来展示码云会员风采的栏目 [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/)
--- a/memcached-1.5.14.tar.gz
+++ b/memcached-1.5.14.tar.gz
--- a/memcached-CVE-2019-15026.patch
+++ b/memcached-CVE-2019-15026.patch
@ -0,0 +1,42 @@
 diff --git a/memcached.c b/memcached.c
 index a950fa4..63848e2 100644
 --- a/memcached.c
 +++ b/memcached.c
@@ -3395,6 +3395,7 @@ static void conn_to_str(const conn *c, char *buf) {
         struct sockaddr *addr = (void *)&c->request_addr;
         int af;
         unsigned short port = 0;
 +        size_t pathlen = 0;
         /* For listen ports and idle UDP ports, show listen address */
         if (c->state == conn_listening ||
@@ -3436,10 +3437,27 @@ static void conn_to_str(const conn *c, char *buf) {
                 break;
             case AF_UNIX:
 +                // this strncpy call originally could piss off an address
 +                // sanitizer; we supplied the size of the dest buf as a limiter,
 +                // but optimized versions of strncpy could read past the end of
 +                // *src while looking for a null terminator. Since buf and
 +                // sun_path here are both on the stack they could even overlap,
 +                // which is "undefined". In all OSS versions of strncpy I could
 +                // find this has no effect; it'll still only copy until the first null
 +                // terminator is found. Thus it's possible to get the OS to
 +                // examine past the end of sun_path but it's unclear to me if this
 +                // can cause any actual problem.
 +                //
 +                // We need a safe_strncpy util function but I'll punt on figuring
 +                // that out for now.
 +                pathlen = sizeof(((struct sockaddr_un *)addr)->sun_path);
 +                if (MAXPATHLEN <= pathlen) {
 +                    pathlen = MAXPATHLEN - 1;
 +                }
                 strncpy(addr_text,
                         ((struct sockaddr_un *)addr)->sun_path,
 -                        sizeof(addr_text) - 1);
 -                addr_text[sizeof(addr_text)-1] = '\0';
 +                        pathlen);
 +                addr_text[pathlen] = '\0';
                 protoname = "unix";
                 break;
         }
--- a/memcached-selinux-1.0.2.tar.gz
+++ b/memcached-selinux-1.0.2.tar.gz
--- a/memcached-unit.patch
+++ b/memcached-unit.patch
@ -0,0 +1,11 @@
 diff -up memcached-1.4.28/scripts/memcached.service.unit memcached-1.4.28/scripts/memcached.service
 --- memcached-1.4.28/scripts/memcached.service.unit	2016-07-02 03:14:25.000000000 +0200
 +++ memcached-1.4.28/scripts/memcached.service	2016-07-12 13:54:54.275782170 +0200
@@ -9,6 +9,7 @@
 [Unit]
 Description=memcached daemon
 +Before=httpd.service
 After=network.target
 [Service]
--- a/memcached.spec
+++ b/memcached.spec
@ -0,0 +1,138 @@
 %bcond_without sasl
 %bcond_with    seccomp
 Name:          memcached
 Version:       1.5.10
 Release:       2
 Epoch:         0
 Summary:       A high-performance, distributed memory object caching system
 License:       BSD
 URL:           https://www.memcached.org/
 Source0:       https://www.memcached.org/files/memcached-%{version}.tar.gz
 Source1:       https://pagure.io/memcached-selinux/raw/master/f/memcached-selinux-1.0.tar.gz
 Source2:       memcached.sysconfig
 Patch0001:     memcached-unit.patch
 Patch6000:     CVE-2019-11596.patch
 BuildRequires: systemd perl-generators perl(Test::More) perl(Test::Harness)
 BuildRequires: selinux-policy-devel libevent-devel
 %{?with_sasl:BuildRequires: cyrus-sasl-devel}
 %{?with_seccomp:BuildRequires: libseccomp-devel}
 Requires(pre):    shadow-utils
 Requires(post):   systemd
 Requires(preun):  systemd
 Requires(postun): systemd
 %description
 Memcached is a high-performance, distributed memory object caching system,
 generic in nature, but originally intended for use in speeding up dynamic
 web applications by alleviating database load.
 You can think of it as a short-term memory for your applications.
 %package       devel
 Summary:       Header files for memcached development
 Requires:      memcached = %{epoch}:%{version}-%{release}
 %description devel
 Header files for memcached development.
 %package       selinux
 Summary:       Selinux policy module
 License:       GPLv2
 BuildRequires: selinux-policy
 %{?selinux_requires}
 %description selinux
 Install memcached-selinux to ensure your system contains the latest SELinux policy
 optimised for use with this version of memcached.
 %package_help
 %prep
 %autosetup -b 1 -p1
 autoreconf -f -i
 %build
 %configure %{?with_sasl: --enable-sasl} %{?with_seccomp: --enable-seccomp}
 %make_build
 cd ../memcached-selinux-1.0
 %make_build
 %check
 rm -f t/whitespace.t t/lru-maintainer.t
 if [ `id -u` -ne 0 ]; then
  rm -f t/daemonize.t t/watcher.t t/expirations.t
 fi
 make test
 %install
 %make_install
 rm -f %{buildroot}%{_bindir}/memcached-debug
 install -D -p -m 755 scripts/memcached-tool     %{buildroot}%{_bindir}/memcached-tool
 install -D -p -m 644 scripts/memcached-tool.1   %{buildroot}%{_mandir}/man1/memcached-tool.1
 install -D -p -m 644 scripts/memcached.service  %{buildroot}%{_unitdir}/memcached.service
 install -D -p -m 644 %{SOURCE2}                 %{buildroot}%{_sysconfdir}/sysconfig/memcached
 cd ../memcached-selinux-1.0
 install -d    %{buildroot}%{_datadir}/selinux/packages
 install -d -p %{buildroot}%{_datadir}/selinux/devel/include/contrib
 install -m 644 memcached.pp.bz2 %{buildroot}%{_datadir}/selinux/packages
 %pre
 getent group  memcached >/dev/null || groupadd -r memcached
 getent passwd memcached >/dev/null || useradd -r -g memcached -d /run/memcached i \
                                      -s /sbin/nologin -c "Memcached daemon" memcached
 exit 0
 %pre selinux
 %selinux_relabel_pre -s targeted
 %post
 %systemd_post memcached.service
 %post selinux
 %selinux_modules_install -s targeted -p 200 %{_datadir}/selinux/packages/memcached.pp.bz2 &> /dev/null
 %preun
 %systemd_preun memcached.service
 %postun
 %systemd_postun_with_restart memcached.service
 %postun selinux
 if [ $1 -eq 0 ]; then
    %selinux_modules_uninstall -s targeted -p 200 memcached
 fi
 %posttrans selinux
 %selinux_relabel_post -s targeted &> /dev/null
 %files
 %license COPYING
 %config(noreplace) %{_sysconfdir}/sysconfig/memcached
 %{_bindir}/memcached-tool
 %{_bindir}/memcached
 %{_unitdir}/memcached.service
 %files devel
 %{_includedir}/memcached/*
 %files selinux
 %license COPYING
 %attr(0644,root,root) %{_datadir}/selinux/packages/memcached.pp.bz2
 %ghost %{_sharedstatedir}/selinux/targeted/active/modules/200/memcached
 %files help
 %doc AUTHORS ChangeLog NEWS README.md doc/CONTRIBUTORS doc/*.txt
 %{_mandir}/man1/memcached-tool.1*
 %{_mandir}/man1/memcached.1*
 %changelog
 * Fri Nov 29 2019 Lijin Yang <yanglijin@huawei.com> - 0:1.5.10-2
 - init package
--- a/memcached.sysconfig
+++ b/memcached.sysconfig
@ -0,0 +1,5 @@
 PORT="11211"
 USER="memcached"
 MAXCONN="1024"
 CACHESIZE="64"
 OPTIONS="-l 127.0.0.1,::1"