dist-git conversion

#2781)

.cvsignore

@@ -1 +0,0 @@
-git-1.6.0.3.tar.bz2

.gitignore

@@ -0,0 +1 @@
+git-1.6.0.6.tar.bz2

Makefile

@@ -1,21 +0,0 @@
-# Makefile for source rpm: git
-# $Id$
-NAME := git
-SPECFILE = $(firstword $(wildcard *.spec))
-
-define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
-endef
-
-MAKEFILE_COMMON := $(shell $(find-makefile-common))
-
-ifeq ($(MAKEFILE_COMMON),)
-# attept a checkout
-define checkout-makefile-common
-test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
-endef
-
-MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
-endif
-
-include $(MAKEFILE_COMMON)

git-1.6.0.6-daemon-extra-args.patch

@@ -0,0 +1,114 @@
+From ccf9fce9da3cda9ee869c70a048971c7f231a78a Mon Sep 17 00:00:00 2001
+From: Shawn O. Pearce <spearce@spearce.org>
+Date: Thu, 4 Jun 2009 18:33:32 -0700
+Subject: [PATCH] daemon: Strictly parse the "extra arg" part of the command
+
+This is a backport of upstream commit 73bb33a.
+
+Since 1.4.4.5 (49ba83fb67 "Add virtualization support to git-daemon")
+git daemon enters an infinite loop and never terminates if a client
+hides any extra arguments in the initial request line which is not
+exactly "\0host=blah\0".
+
+Since that change, a client must never insert additional extra
+arguments, or attempt to use any argument other than "host=", as
+any daemon will get stuck parsing the request line and will never
+complete the request.
+
+Since the client can't tell if the daemon is patched or not, it
+is not possible to know if additional extra args might actually be
+able to be safely requested.
+
+If we ever need to extend the git daemon protocol to support a new
+feature, we may have to do something like this to the exchange:
+
+  # If both support git:// v2
+  #
+  C: 000cgit://v2
+  S: 0010ok host user
+  C: 0018host git.kernel.org
+  C: 0027git-upload-pack /pub/linux-2.6.git
+  S: ...git-upload-pack header...
+
+  # If client supports git:// v2, server does not:
+  #
+  C: 000cgit://v2
+  S: <EOF>
+
+  C: 003bgit-upload-pack /pub/linux-2.6.git\0host=git.kernel.org\0
+  S: ...git-upload-pack header...
+
+This requires the client to create two TCP connections to talk to
+an older git daemon, however all daemons since the introduction of
+daemon.c will safely reject the unknown "git://v2" command request,
+so the client can quite easily determine the server supports an
+older protocol.
+
+Signed-off-by: Shawn O. Pearce <spearce@spearce.org>
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+---
+ connect.c |    5 ++++-
+ daemon.c  |   11 ++++++-----
+ 2 files changed, 10 insertions(+), 6 deletions(-)
+
+diff --git a/connect.c b/connect.c
+index dd96f8e..c7a9f6d 100644
+--- a/connect.c
++++ b/connect.c
+@@ -573,7 +573,10 @@ struct child_process *git_connect(int fd[2], const char *url_orig,
+ 			git_tcp_connect(fd, host, flags);
+ 		/*
+ 		 * Separate original protocol components prog and path
+-		 * from extended components with a NUL byte.
++		 * from extended host header with a NUL byte.
++		 *
++		 * Note: Do not add any other headers here!  Doing so
++		 * will cause older git-daemon servers to crash.
+ 		 */
+ 		packet_write(fd[1],
+ 			     "%s %s%chost=%s%c",
+diff --git a/daemon.c b/daemon.c
+index 8dcde73..325766e 100644
+--- a/daemon.c
++++ b/daemon.c
+@@ -432,16 +432,15 @@ static void make_service_overridable(const char *name, int ena)
+ }
+ 
+ /*
+- * Separate the "extra args" information as supplied by the client connection.
+- * Any resulting data is squirreled away in the given interpolation table.
++ * Read the host as supplied by the client connection.
+  */
+-static void parse_extra_args(struct interp *table, char *extra_args, int buflen)
++static void parse_host_arg(struct interp *table, char *extra_args, int buflen)
+ {
+ 	char *val;
+ 	int vallen;
+ 	char *end = extra_args + buflen;
+ 
+-	while (extra_args < end && *extra_args) {
++	if (extra_args < end && *extra_args) {
+ 		saw_extended_args = 1;
+ 		if (strncasecmp("host=", extra_args, 5) == 0) {
+ 			val = extra_args + 5;
+@@ -461,6 +460,8 @@ static void parse_extra_args(struct interp *table, char *extra_args, int buflen)
+ 			/* On to the next one */
+ 			extra_args = val + vallen;
+ 		}
++		if (extra_args < end && *extra_args)
++			die("Invalid request");
+ 	}
+ }
+ 
+@@ -580,7 +581,7 @@ static int execute(struct sockaddr *addr)
+ 	interp_set_entry(interp_table, INTERP_SLOT_PERCENT, "%");
+ 
+ 	if (len != pktlen) {
+-	    parse_extra_args(interp_table, line + len + 1, pktlen - len - 1);
++	    parse_host_arg(interp_table, line + len + 1, pktlen - len - 1);
+ 	    fill_in_extra_table_entries(interp_table);
+ 	}
+ 
+-- 
+1.6.3.2
+

git-cvsimport-Ignore-cvsps-2.2b1-Branches-output.patch

@@ -0,0 +1,26 @@
+From 09891c65a5f7409ce0bd37daced0ff31fbb1b1c9 Mon Sep 17 00:00:00 2001
+From: Todd Zullinger <tmz@pobox.com>
+Date: Mon, 23 Mar 2009 00:03:36 -0400
+Subject: [PATCH] git-cvsimport: Ignore cvsps-2.2b1 Branches: output
+
+Signed-off-by: Todd Zullinger <tmz@pobox.com>
+---
+ git-cvsimport.perl |    2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/git-cvsimport.perl b/git-cvsimport.perl
+index e439202..d020f1a 100755
+--- a/git-cvsimport.perl
++++ b/git-cvsimport.perl
+@@ -952,7 +952,7 @@ while (<CVS>) {
+ 	} elsif (/^-+$/) { # end of unknown-line processing
+ 		$state = 1;
+ 	} elsif ($state != 11) { # ignore stuff when skipping
+-		print STDERR "* UNKNOWN LINE * $_\n";
++		print STDERR "* UNKNOWN LINE * $_\n" unless /^Branches: /;
+ 	}
+ }
+ commit() if $branch and $state != 11;
+-- 
+1.6.2.2
+

git.spec

@@ -1,21 +1,24 @@
 # Pass --without docs to rpmbuild if you don't want the documentation
 Name: 		git
-Version: 	1.6.0.3
-Release: 	1%{?dist}
+Version: 	1.6.0.6
+Release: 	4%{?dist}
 Summary:  	Core git tools
 License: 	GPLv2
 Group: 		Development/Tools
-URL: 		http://kernel.org/pub/software/scm/git/
+URL:		http://git-scm.com/
 Source: 	http://kernel.org/pub/software/scm/git/%{name}-%{version}.tar.bz2
 Source1:	git-init.el
 Source2:	git.xinetd
 Source3:	git.conf.httpd
 Patch0:		git-1.5-gitweb-home-link.patch
+Patch1:         git-1.6.0.6-daemon-extra-args.patch
+# https://bugzilla.redhat.com/490602
+Patch2:         git-cvsimport-Ignore-cvsps-2.2b1-Branches-output.patch
 BuildRequires:	zlib-devel >= 1.2, openssl-devel, libcurl-devel, expat-devel, emacs, gettext %{!?_without_docs:, xmlto, asciidoc > 6.0.3}
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 Requires:	perl-Git = %{version}-%{release}
-Requires:	zlib >= 1.2, rsync, libcurl, less, openssh-clients, expat, perl(Error)
+Requires:	zlib >= 1.2, rsync, less, openssh-clients, expat, perl(Error)
 Provides:	git-core = %{version}-%{release}
 Obsoletes:	git-core <= 1.5.4.3
 
@@ -90,7 +93,7 @@ Git tools for importing Arch repositories.
 Summary:        Git tools for sending email
 Group:          Development/Tools
 Requires:	git = %{version}-%{release}, perl-Git = %{version}-%{release}
-Requires:   perl(Net::SMTP::SSL)
+Requires:       perl(Net::SMTP::SSL), perl(Authen::SASL)
 %description email
 Git tools for sending email.
 
@@ -98,6 +101,7 @@ Git tools for sending email.
 Summary:        Git GUI tool
 Group:          Development/Tools
 Requires:       git = %{version}-%{release}, tk >= 8.4
+Requires:       gitk = %{version}-%{release}
 %description gui
 Git GUI tool.
 
@@ -129,21 +133,27 @@ Requires:      git = %{version}-%{release}, emacs-common
 %prep
 %setup -q
 %patch0 -p1
+%patch1 -p1
+%patch2 -p1
+
+# Use these same options for every invocation of 'make'.
+# Otherwise it will rebuild in %%install due to flags changes.
+%define make_git \
+make %{_smp_mflags} CFLAGS="$RPM_OPT_FLAGS" \\\
+     ETC_GITCONFIG=%{_sysconfdir}/gitconfig \\\
+     DESTDIR=$RPM_BUILD_ROOT \\\
+     INSTALLDIRS=vendor \\\
+     THREADED_DELTA_SEARCH=YesPlease \\\
+     gitexecdir=%{_bindir} \\\
+     prefix=%{_prefix}
 
 %build
-make %{_smp_mflags} CFLAGS="$RPM_OPT_FLAGS" \
-     ETC_GITCONFIG=/etc/gitconfig \
-     gitexecdir=%{_bindir} \
-     prefix=%{_prefix} all %{!?_without_docs: doc}
+%{make_git} all %{!?_without_docs: doc}
 make -C contrib/emacs
 
 %install
 rm -rf $RPM_BUILD_ROOT
-make %{_smp_mflags} CFLAGS="$RPM_OPT_FLAGS" DESTDIR=$RPM_BUILD_ROOT \
-     prefix=%{_prefix} mandir=%{_mandir} \
-     ETC_GITCONFIG=/etc/gitconfig \
-     gitexecdir=%{_bindir} \
-     INSTALLDIRS=vendor install %{!?_without_docs: install-doc}
+%{make_git} install %{!?_without_docs: install-doc}
 make -C contrib/emacs install \
 		 emacsdir=$RPM_BUILD_ROOT%{_datadir}/emacs/site-lisp
 for elc in $RPM_BUILD_ROOT%{_datadir}/emacs/site-lisp/*.elc ; do
@@ -167,11 +177,11 @@ find $RPM_BUILD_ROOT -type f -name perllocal.pod -exec rm -f {} ';'
 (find $RPM_BUILD_ROOT%{_bindir} -type f | grep -vE "archimport|svn|cvs|email|gitk|git-gui|git-citooli|git-daemon" | sed -e s@^$RPM_BUILD_ROOT@@)               > bin-man-doc-files
 (find $RPM_BUILD_ROOT%{perl_vendorlib} -type f | sed -e s@^$RPM_BUILD_ROOT@@) >> perl-files
 %if %{!?_without_docs:1}0
-(find $RPM_BUILD_ROOT%{_mandir} $RPM_BUILD_ROOT/Documentation -type f | grep -vE "archimport|svn|git-cvs|email|gitk|git-gui|git-citool" | sed -e s@^$RPM_BUILD_ROOT@@ -e 's/$/*/' ) >> bin-man-doc-files
+(find $RPM_BUILD_ROOT%{_mandir} $RPM_BUILD_ROOT/Documentation -type f | grep -vE "archimport|svn|git-cvs|email|gitk|git-gui|git-citool|git-daemon" | sed -e s@^$RPM_BUILD_ROOT@@ -e 's/$/*/' ) >> bin-man-doc-files
 %else
 rm -rf $RPM_BUILD_ROOT%{_mandir}
 %endif
-mkdir -p $RPM_BUILD_ROOT/srv/git
+mkdir -p $RPM_BUILD_ROOT%{_var}/lib/git
 
 mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/bash_completion.d
 install -m 644 -T contrib/completion/git-completion.bash $RPM_BUILD_ROOT%{_sysconfdir}/bash_completion.d/git
@@ -241,14 +251,18 @@ rm -rf $RPM_BUILD_ROOT
 
 %files -n emacs-git
 %defattr(-,root,root)
+%exclude %{_datadir}/emacs/site-lisp/vc-git.el*
 %{_datadir}/emacs/site-lisp/*git*.el*
 %{_datadir}/emacs/site-lisp/site-start.d/git-init.el
 
 %files daemon
 %defattr(-,root,root)
+%doc Documentation/*daemon*.txt
 %{_bindir}/git-daemon
 %config(noreplace)%{_sysconfdir}/xinetd.d/git
-/srv/git
+%{_var}/lib/git
+%{!?_without_docs: %{_mandir}/man1/*daemon*.1*}
+%{!?_without_docs: %doc Documentation/*daemon*.html}
 
 %files -n gitweb
 %defattr(-,root,root)
@@ -260,6 +274,36 @@ rm -rf $RPM_BUILD_ROOT
 # No files for you!
 
 %changelog
+* Fri Jun 19 2009 Todd Zullinger <tmz@pobox.com> - 1.6.0.6-4
+- Fix git-daemon hang on invalid input (CVE-2009-2108, bug 505761)
+- Ignore Branches output from cvsps-2.2b1 (bug 490602)
+- Escape newline in git-daemon xinetd description (bug 502393)
+
+* Mon Mar 02 2009 Todd Zullinger <tmz@pobox.com> - 1.6.0.6-3
+- Enable parallel delta searching when packing objects (Roland McGrath)
+- Consolidate build/install options in %%make_git (Roland McGrath)
+- Require perl(Authen::SASL) in git-email (bug 483062)
+- Exclude vc-git.el from emacs-git (bug 479531)
+- Change /var/lib/git-daemon to %{_var}/lib/git
+- Include docs in the git-daemon package
+- Drop redundant libcurl Requires
+- Update URL field
+
+* Sat Dec 20 2008 Todd Zullinger <tmz@pobox.com> 1.6.0.6-1
+- git-1.6.0.6
+- Fixes a local privilege escalation bug in gitweb
+  (http://article.gmane.org/gmane.comp.version-control.git/103624)
+- Add gitk Requires to git-gui (bug 476308)
+
+* Thu Dec 11 2008 Josh Boyer <jboyer@gmail.com> 1.6.0.5-1
+- git-1.6.0.5
+
+* Mon Nov 17 2008 Seth Vidal <skvidal at fedoraproject.org>
+- switch from /srv/git to /var/lib/git-daemon for packaging rules compliance
+
+* Fri Nov 14 2008 Josh Boyer <jwboyer@gmail.com> 1.6.0.4-1
+- git-1.6.0.4
+
 * Wed Oct 22 2008 Josh Boyer <jwboyer@gmail.com> 1.6.0.3-1
 - git-1.6.0.3
 - Drop curl requirement in favor of libcurl (bug 449388)

git.xinetd

@@ -1,5 +1,5 @@
 # default: off
-# description: The git dæmon allows git repositories to be exported using
+# description: The git dæmon allows git repositories to be exported using \
 #	the git:// protocol.
 
 service git
@@ -9,7 +9,7 @@ service git
         wait            = no
         user            = nobody
         server          = /usr/bin/git-daemon
-        server_args     = --base-path=/srv/git --export-all --user-path=public_git --syslog --inetd --verbose
+        server_args     = --base-path=/var/lib/git --export-all --user-path=public_git --syslog --inetd --verbose
         log_on_failure  += USERID
 # xinetd doesn't do this by default. bug #195265
         flags		= IPv6

sources

@@ -1 +1 @@
-d7178b0b0eaaa07538149bb231902796  git-1.6.0.3.tar.bz2
+b5be9b34b441cb57f92086bfaf59f255  git-1.6.0.6.tar.bz2