patch SIP denial of service vulnerability. bug #169616.

author Rajiv Aaron Manglani <rajiv@gentoo.org>

Fri, 9 Mar 2007 20:25:10 +0000 (20:25 +0000)

committer Rajiv Aaron Manglani <rajiv@gentoo.org>

Fri, 9 Mar 2007 20:25:10 +0000 (20:25 +0000)
author Rajiv Aaron Manglani <rajiv@gentoo.org>
Fri, 9 Mar 2007 20:25:10 +0000 (20:25 +0000)
committer Rajiv Aaron Manglani <rajiv@gentoo.org>
Fri, 9 Mar 2007 20:25:10 +0000 (20:25 +0000)
diff --git a/net-misc/asterisk/ChangeLog b/net-misc/asterisk/ChangeLog

index a9cbdf78de15fdc5f161a186f41e8704805eddb5..dd7293eab95dd0d2719e1a365222f37e4428ed23 100644 (file)
--- a/net-misc/asterisk/ChangeLog
+++ b/net-misc/asterisk/ChangeLog
@@ -1,6 +1,12 @@
  # ChangeLog for net-misc/asterisk
  # Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/asterisk/ChangeLog,v 1.145 2007/02/11 07:45:13 rajiv Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/asterisk/ChangeLog,v 1.146 2007/03/09 20:25:10 rajiv Exp $
+
+*asterisk-1.0.12-r1 (09 Mar 2007)
+
+  09 Mar 2007; Rajiv Aaron Manglani <rajiv@gentoo.org>
+  +files/1.0.0/asterisk-1.0.12-chan_sip.patch, +asterisk-1.0.12-r1.ebuild:
+  patch SIP denial of service vulnerability. bug #169616.
  
    11 Feb 2007; Rajiv Aaron Manglani <rajiv@gentoo.org>
    -asterisk-1.2.12.1.ebuild:
diff --git a/net-misc/asterisk/Manifest b/net-misc/asterisk/Manifest

index 6a5216c8e35015a860408fc2836ede1fbec39c70..2a0843f3d87a3721c551a6d66580e21d42bb5927 100644 (file)
--- a/net-misc/asterisk/Manifest
+++ b/net-misc/asterisk/Manifest
@@ -14,6 +14,10 @@ AUX 1.0.0/asterisk-1.0.10-weak-references.diff 8579 RMD160 7d4421d18b256531ddbc3
  MD5 27bf961621fb1f521bc11293df8b5ec9 files/1.0.0/asterisk-1.0.10-weak-references.diff 8579
  RMD160 7d4421d18b256531ddbc351ba6b4a8a94604017c files/1.0.0/asterisk-1.0.10-weak-references.diff 8579
  SHA256 61f9ce3a15dc904e73ea426c0ad928f201b9101c585195a7feb554548c1a861a files/1.0.0/asterisk-1.0.10-weak-references.diff 8579
+AUX 1.0.0/asterisk-1.0.12-chan_sip.patch 690 RMD160 654cf5cdf373752df7592769f20df8530615a233 SHA1 012e6acd66f386eafb6076033f8f112e986f6340 SHA256 3a86a914c4c59af2ae08bb3919775249a3f9f4582a50884647b00ef89c91831b
+MD5 4dee507fb69e27b9b53ffb9b0d33a063 files/1.0.0/asterisk-1.0.12-chan_sip.patch 690
+RMD160 654cf5cdf373752df7592769f20df8530615a233 files/1.0.0/asterisk-1.0.12-chan_sip.patch 690
+SHA256 3a86a914c4c59af2ae08bb3919775249a3f9f4582a50884647b00ef89c91831b files/1.0.0/asterisk-1.0.12-chan_sip.patch 690
  AUX 1.0.0/asterisk-1.0.5-astcfg-0.0.2.diff 5829 RMD160 2983d78f8a1dd8768da919ddb3282511ebdb915c SHA1 cd17b5d631170e692b57f94227e832dc3b37c43a SHA256 b5787fa77d4ad0786ce9d243d597b1129f214f4e376c6e1b79929633ef6f35d1
  MD5 f20e5b869d5e221194187dd7f504d38b files/1.0.0/asterisk-1.0.5-astcfg-0.0.2.diff 5829
  RMD160 2983d78f8a1dd8768da919ddb3282511ebdb915c files/1.0.0/asterisk-1.0.5-astcfg-0.0.2.diff 5829
@@ -137,6 +141,10 @@ DIST asterisk-addons-1.0.9.tar.gz 73716 RMD160 98156861f790987fb4bf86b14c902aeca
  DIST bristuff-0.2.0-RC8r.tar.gz 194888 RMD160 d5dd31b9e4dcf30af6d2a62deb285a83f8a54019 SHA1 fc16a64e191d3f2720220f3ecbba3c55cece4654 SHA256 99f9da320d6335413384d12310e5ae9815572281c99d5908706022b6a4d6cb03
  DIST bristuff-0.3.0-PRE-1s.tar.gz 265953 RMD160 8d3abdbbae4c376d52225395c72f4538e1f84a94 SHA1 1d942df9e4fd963755080e011caba88a33601c1b SHA256 30adea4f070ed44d1952163e850c177f976857b96965e18844ccd492ccef968d
  DIST bristuff-0.3.0-PRE-1x.tar.gz 279200 RMD160 bc84aa50370627cfead9e0646cf87c16ddff7b00 SHA1 e02a82cebaefa0d666ad56532369310aae818d91 SHA256 13d98160d4a10b46b77c822577e6c64ad7dadbc2df1b4cd0a1007ae3bbbd4aa8
+EBUILD asterisk-1.0.12-r1.ebuild 14879 RMD160 60b4549d6d0e122b193be8e412da05e897d893c4 SHA1 b4ae0e612414ec5b7b2a3a90fd56d0f206d31434 SHA256 1152c0e6870f05987727a1e83b0e31db4e6743d0850d9e078919e290fa2c0d34
+MD5 5d26045d6815f50c4fc5eaa2db37492e asterisk-1.0.12-r1.ebuild 14879
+RMD160 60b4549d6d0e122b193be8e412da05e897d893c4 asterisk-1.0.12-r1.ebuild 14879
+SHA256 1152c0e6870f05987727a1e83b0e31db4e6743d0850d9e078919e290fa2c0d34 asterisk-1.0.12-r1.ebuild 14879
  EBUILD asterisk-1.0.12.ebuild 14783 RMD160 b6bde33cd58e65a87d73075d1a751fdfd83ca30f SHA1 2d1b508aab233328da55d4ea1e32a3f1fa08b635 SHA256 4fb9975d1e491fcc57bf7b1351a48c6b1a1c13ccd2388694e8108a6ed1fd7c5f
  MD5 c8b5d08f6366e3b758be41a447c208c5 asterisk-1.0.12.ebuild 14783
  RMD160 b6bde33cd58e65a87d73075d1a751fdfd83ca30f asterisk-1.0.12.ebuild 14783
@@ -153,10 +161,10 @@ EBUILD asterisk-1.2.14.ebuild 11838 RMD160 834090ebf563ed70ec98cb63ab463159019c8
  MD5 08d28ca37d6b92bacc2298fb5fd5c515 asterisk-1.2.14.ebuild 11838
  RMD160 834090ebf563ed70ec98cb63ab463159019c8582 asterisk-1.2.14.ebuild 11838
  SHA256 7e3813497985452771afd493925519fb0783c300f2fc3784cf8875d2ee424aee asterisk-1.2.14.ebuild 11838
-MISC ChangeLog 28524 RMD160 32eaee474667eb656a33c52b391f726f8ebbc02c SHA1 35d0dd75fbc849782677fe269eb6afd55cb7ded7 SHA256 ad821e09ae30bf4f5648f171bb5ffde1d4d80e411a4f617b222f267073da1785
-MD5 07c21889781d5e086c5473ee667979ff ChangeLog 28524
-RMD160 32eaee474667eb656a33c52b391f726f8ebbc02c ChangeLog 28524
-SHA256 ad821e09ae30bf4f5648f171bb5ffde1d4d80e411a4f617b222f267073da1785 ChangeLog 28524
+MISC ChangeLog 28748 RMD160 7ece7a057a92f081d5dee230f71c1487e8179551 SHA1 abc315e766d08cf6988cc7b3f6805b22c7aa7f75 SHA256 2e8519060764807414bc718c87bbf8ba629896587dd900a77e348b936760be78
+MD5 022618cc60c97cf04119a694a149d8b5 ChangeLog 28748
+RMD160 7ece7a057a92f081d5dee230f71c1487e8179551 ChangeLog 28748
+SHA256 2e8519060764807414bc718c87bbf8ba629896587dd900a77e348b936760be78 ChangeLog 28748
  MISC metadata.xml 384 RMD160 f5de78add5676233b8e0b9e111eab08970443582 SHA1 0441844fb3a715d6979e6c548147ada23d73fec2 SHA256 674224368cb2be6f72655cd67ee19d4d2d0f3425d560aff22b698269e0adc6d8
  MD5 488aea6fbdb7537394cc049b0ff9e5d5 metadata.xml 384
  RMD160 f5de78add5676233b8e0b9e111eab08970443582 metadata.xml 384
@@ -164,6 +172,9 @@ SHA256 674224368cb2be6f72655cd67ee19d4d2d0f3425d560aff22b698269e0adc6d8 metadata
  MD5 95775bbb5f4119ba3b8258c6ef4540a4 files/digest-asterisk-1.0.12 771
  RMD160 b40f27f08f1a9824ddd4f7d2117336012f03b26a files/digest-asterisk-1.0.12 771
  SHA256 d4a885ca62e246da4e29af6c12377489dd23126caf424fa2338e7131b45f3458 files/digest-asterisk-1.0.12 771
+MD5 95775bbb5f4119ba3b8258c6ef4540a4 files/digest-asterisk-1.0.12-r1 771
+RMD160 b40f27f08f1a9824ddd4f7d2117336012f03b26a files/digest-asterisk-1.0.12-r1 771
+SHA256 d4a885ca62e246da4e29af6c12377489dd23126caf424fa2338e7131b45f3458 files/digest-asterisk-1.0.12-r1 771
  MD5 041ef49546f5e16e3bd5fd5ff0719f70 files/digest-asterisk-1.2.13 1376
  RMD160 782b59125ab61b4e40f284bbf830bd1fe10b1d47 files/digest-asterisk-1.2.13 1376
  SHA256 63571a9178e245b14ca367735b833b0d1700e4e2595c3d7694df7e0d5bd3fe9f files/digest-asterisk-1.2.13 1376
diff --git a/net-misc/asterisk/asterisk-1.0.12-r1.ebuild b/net-misc/asterisk/asterisk-1.0.12-r1.ebuild

new file mode 100644 (file)

index 0000000..41fc955
--- /dev/null
+++ b/net-misc/asterisk/asterisk-1.0.12-r1.ebuild
@@ -0,0 +1,512 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/asterisk/asterisk-1.0.12-r1.ebuild,v 1.1 2007/03/09 20:25:10 rajiv Exp $
+
+inherit eutils perl-app
+
+ADDONS_VERSION="1.0.9"
+BRI_VERSION="0.2.0-RC8r"
+
+MY_P="${P/_p/.}"
+
+DESCRIPTION="Asterisk: A Modular Open Source PBX System"
+HOMEPAGE="http://www.asterisk.org/"
+SRC_URI="http://ftp1.digium.com/pub/telephony/${PN}/releases/${MY_P}.tar.gz
+        http://ftp1.digium.com/pub/telephony/${PN}/old-releases/${PN}-addons-${ADDONS_VERSION}.tar.gz
+        bri? ( http://www.junghanns.net/downloads/bristuff-${BRI_VERSION}.tar.gz )"
+
+S_ADDONS="${WORKDIR}/${PN}-addons-${ADDONS_VERSION}"
+S_BRI="${WORKDIR}/bristuff-${BRI_VERSION}"
+S="${WORKDIR}/${MY_P}"
+
+
+IUSE="alsa bri debug doc gtk hardened mmx mysql mysqlfriends postgres pri resperl speex ukcid vmdbmysql vmdbpostgres zaptel"
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~ppc ~x86"
+
+DEPEND="dev-libs/newt
+       dev-libs/openssl
+       media-sound/mpg123
+       media-sound/sox
+       doc? ( app-doc/doxygen )
+       gtk? ( =x11-libs/gtk+-1.2* )
+       pri? ( <net-libs/libpri-1.2 )
+       bri? ( <net-libs/libpri-1.2
+               <net-misc/zaptel-1.2 )
+       alsa? ( media-libs/alsa-lib )
+       mysql? ( virtual/mysql )
+       speex? ( media-libs/speex )
+       zaptel? ( <net-misc/zaptel-1.2 )
+       postgres? ( dev-db/postgresql )
+       vmdbmysql? ( virtual/mysql )
+       mysqlfriends? ( virtual/mysql )
+       vmdbpostgres? ( dev-db/postgresql )
+       resperl? ( dev-lang/perl
+                  <net-misc/zaptel-1.2 )"
+
+pkg_setup() {
+       local n
+
+       #
+       # Warning about security changes...
+       #
+       ewarn "****************** Important changes warning! *********************"
+       ewarn
+       ewarn "- Asterisk runs as user asterisk, group asterisk by default"
+       ewarn
+       ewarn "- Permissions of /etc/asterisk have been changed to root:asterisk"
+       ewarn "  750 (directories) / 640 (files)"
+       ewarn
+       ewarn "- Permissions of /var/{log,lib,run,spool}/asterisk have been changed"
+       ewarn "  to asterisk:asterisk 750 (directories) / 640 (files)"
+       ewarn
+       ewarn "- Asterisk's unix socket and pidfile are now in /var/run/asterisk"
+       ewarn
+       ewarn "- More information at the end of this emerge"
+       ewarn
+       ewarn "     http://bugs.gentoo.org/show_bug.cgi?id=88732"
+       ewarn "     http://www.voip-info.org/wiki-Asterisk+non-root"
+       ewarn
+       einfo "Press Ctrl+C to abort"
+       echo
+       ebeep
+
+       n=15
+       while [[ $n -gt 0 ]]; do
+               echo -en "  Waiting $n seconds...\r"
+               sleep 1
+               (( n-- ))
+       done
+
+       #
+       # Regular checks
+       #
+       einfo "Running some pre-flight checks..."
+       if use resperl; then
+               # res_perl pre-flight check...
+               if ! $(perl -V | grep -q "usemultiplicity=define") ||\
+                  ! built_with_use dev-lang/perl ithreads || ! built_with_use sys-devel/libperl ithreads
+               then
+                       eerror "Embedded perl add-on needs Perl and libperl with built-in threads support"
+                       eerror "(rebuild perl and libperl with ithreads use-flag enabled)"
+                       die "Perl w/o threads support..."
+               fi
+               einfo "Perl with ithreads support found"
+       fi
+
+
+       # mysql and postgres voicemail support are mutually exclusive..
+       if use vmdbmysql && use vmdbpostgres; then
+               eerror "MySQL and PostgreSQL Voicemail support are mutually exclusive... choose one!"
+               die "Conflicting use-flags"
+       fi
+
+       # check if zaptel and libpri have been built with bri enabled
+       if use bri; then
+               if ! built_with_use net-misc/zaptel bri; then
+                       eerror "Re-emerge zaptel with bri use-flag enabled!"
+                       die "Zaptel without bri support detected"
+               fi
+
+               if ! built_with_use net-libs/libpri bri; then
+                       eerror "Re-emerge libpri with bri use-flag enabled!"
+                       die "Libpri without bri support detected"
+               fi
+       fi
+
+       # check if zaptel has been built with ukcid
+       if use ukcid && ! built_with_use net-misc/zaptel ukcid; then
+               eerror "Re-emerge zaptel with ukcid useflag enabled!"
+               die "Zaptel missing ukcid support"
+       fi
+}
+
+src_unpack() {
+       unpack ${A}
+       cd ${S}
+
+       # set cflags & mmx optimization
+       sed -i  -e "s:^\(OPTIMIZE+=\).*:\1 ${CFLAGS}:" \
+               -e "s:^\(CFLAGS+=\$(shell if \$(CC)\):#\1:" \
+               Makefile
+
+       # hppa patch for gsm codec
+       epatch ${FILESDIR}/1.0.0/${PN}-1.0.8-hppa.patch
+
+       # mark adsi functions as weak references, things will blow
+       # on hardened otherwise (bug #100697 and #85655)
+       epatch ${FILESDIR}/1.0.0/${PN}-1.0.10-weak-references.diff
+
+       # gsm codec still uses -fomit-frame-pointer, and other codecs have their
+       # own flags. We only change the arch.
+       sed -i  -e "s:^OPTIMIZE+=.*:OPTIMIZE=${CFLAGS}:" \
+               -e "s:^CFLAGS[\t ]\++=:CFLAGS =:" \
+               codecs/gsm/Makefile
+
+       if use mmx; then
+               if ! use hardened; then
+                       einfo "Enabling mmx optimization"
+                       sed -i  -e "s:^#\(K6OPT[\t ]\+= -DK6OPT\):\1:" \
+                               codecs/gsm/Makefile
+               else
+                       ewarn "Hardened use-flag is set, not enabling mmx optimization for codec_gsm!"
+
+               fi
+       fi
+       if ! use mmx || use hardened; then
+               # don't build + link asm mmx object file
+               # without this codec_gsm.so will include text relocations
+               sed -i  -e "/k6opt\.\(s\|o\)/ d" \
+                       codecs/gsm/Makefile
+       fi
+
+       if ! use debug; then
+               einfo "Disabling debugging"
+               sed -i -e "s:^\(DEBUG=\):#\1:" Makefile
+       fi
+
+       # change image path in voicemail cgi
+       sed -i -e "s:^\(\$astpath = \).*:\1 \"/asterisk\";:" contrib/scripts/vmail.cgi
+
+       #
+       # embedded perl
+       #
+       if use resperl; then
+               einfo "Patching asterisk for embedded perl support..."
+               epatch ${S_ADDONS}/res_perl/astmake.diff
+
+               # create necessary .c file
+               /usr/bin/perl -MExtUtils::Embed -e xsinit || die "Could not create perlxsi.c"
+
+               cd ${S_ADDONS}
+
+               # fix perl path, source location and remove res_musiconhold
+               sed -i -e "s:/usr/local/bin/perl:/usr/bin/perl:" \
+                       res_perl/Makefile \
+                       ${S}/Makefile \
+                       res_perl/INC/*.pm
+               sed -i -e "s:^ASTSRC.*:ASTSRC = ${S}:" \
+                       -e "s:\$(ASTLIBDIR)/modules/res_musiconhold.so::" \
+                       res_perl/Makefile
+
+               if use bri; then
+                       epatch ${FILESDIR}/1.0.0/res_perl-1.0.7-bristuff-0.2.0.diff
+               fi
+
+               cd ${S}
+       fi
+
+       #
+       # uclibc patch
+       #
+       if use elibc_uclibc; then
+               einfo "Patching asterisk for uclibc..."
+               epatch ${FILESDIR}/1.0.0/${PN}-1.0.5-uclibc-dns.diff
+       fi
+
+       #
+       # other patches
+       #
+
+       # fix lpc10 Makefile, remove the
+       # CFLAGS+=-march=$(shell uname -m) part
+       epatch ${FILESDIR}/1.0.0/${PN}-1.0.5-lpc10flags.diff
+
+       # asterisk-config
+       epatch ${FILESDIR}/1.0.0/${PN}-1.0.5-astcfg-0.0.2.diff
+
+       #
+       # database voicemail support
+       #
+       if use postgres; then
+               sed -i  -e "s:^#\(APPS+=app_sql_postgres.so\):\1:" \
+                       -e "s:/usr/local/pgsql/include:/usr/include/postgresql/pgsql:" \
+                       -e "s:/usr/local/pgsql/lib:/usr/lib/postgresql:" \
+                       apps/Makefile
+       fi
+
+       if use vmdbpostgres; then
+               einfo "Enabling PostgreSQL voicemail support"
+               sed -i  -e "s:^\(USE_POSTGRES_VM_INTERFACE\).*:\1=1:" \
+                       -e "s:/usr/local/pgsql/include:/usr/include/postgresql/pgsql:" \
+                       -e "s:/usr/local/pgsql/lib:/usr/lib/postgresql:" \
+                       apps/Makefile
+
+               # patch app_voicemail.c
+               sed -i -e "s:^#include <postgresql/libpq-fe\.h>:#include \"libpq-fe\.h\":" \
+                       apps/app_voicemail.c
+
+       elif use vmdbmysql; then
+               einfo "Enabling MySQL voicemail support"
+               sed -i  -e "s:^\(USE_MYSQL_VM_INTERFACE\).*:\1=1:" \
+                       -e "s:^\(CFLAGS+=-DUSEMYSQLVM\):\1 -I${S_ADDONS}:" \
+                       apps/Makefile
+       fi
+
+       #
+       # MySQL friends support
+       #
+       if use mysqlfriends; then
+               einfo "Enabling MySQL friends support for SIP and IAX"
+               sed -i  -e "s:^\(USE_MYSQL_FRIENDS\)=.*:\1=1:" \
+                       -e "s:^\(USE_SIP_MYSQL_FRIENDS\)=.*:\1=1:" \
+                       channels/Makefile
+       fi
+
+       #
+       # asterisk add-ons
+       #
+       cd ${S_ADDONS}
+       sed -i -e "s:-I../asterisk:-I${S} -I${S}/include:" Makefile
+       sed -i  -e "s:^OPTIMIZE+=.*:OPTIMIZE+=${CFLAGS}:" \
+               -e "s:^\(CFLAGS=\)\(.*\):\1-I${S}/include -fPIC \2:" \
+               format_mp3/Makefile
+
+
+       #
+       # BRI patches
+       #
+       if use bri; then
+               cd ${S}
+               einfo "Patching asterisk w/ BRI stuff"
+
+               # remove after new patch has been released
+               sed -i -e "s:^\([+-]\)1\.0\.10:\11.0.11.1:" \
+                       ${S_BRI}/patches/asterisk.patch
+
+               epatch ${S_BRI}/patches/asterisk.patch
+       fi
+
+       #
+       # Revived snmp plugin support
+       #
+#      if use snmp; then
+#              cd ${S}
+#              einfo "Patching snmp plugin helper functions"
+#              epatch ${FILESDIR}/1.0.0/ast-ax-snmp-1.0.6.diff
+#      fi
+
+       # fix path for non-root
+       cd ${S}
+       sed -i -e "s:^\(ASTVARRUNDIR=\).*:\1\$(INSTALL_PREFIX)/var/run/asterisk:" \
+               Makefile
+
+       # fix contrib scripts for non-root
+       epatch ${FILESDIR}/1.0.0/${PN}-1.0.7-scripts.diff
+
+       # add initgroups support to asterisk, this is needed
+       # to support supplementary groups for the asterisk
+       # user (start-stop-daemons --chguid breaks realtime priority support)
+       epatch ${FILESDIR}/1.0.0/${PN}-1.0.8-initgroups.diff
+
+       # UK callerid patch, adds support for british-telecoms callerid to x100p cards
+       # see http://www.lusyn.com/asterisk/patches.html for more information
+       use ukcid && \
+               epatch ${FILESDIR}/1.0.0/${PN}-1.0.9-ukcid.patch
+
+       # needed for >=freetds-0.63
+       if has_version ">=dev-db/freetds-0.63"; then
+               epatch ${FILESDIR}/1.0.0/${PN}-1.0.9-freetds.diff
+       fi
+
+       # security fix, bug #111836
+       epatch ${FILESDIR}/1.0.0/${PN}-1.0.10-vmail.cgi.patch
+
+       # patch for mISDN
+       epatch ${FILESDIR}/1.0.0/${PN}-1.0.10-misdn.patch
+
+       # CVE-2006-1827: integer signedness error in format_jpeg (#131096)
+       epatch ${FILESDIR}/1.0.0/${PN}-1.0-CVE-2006-1827.patch
+
+       # patch for chan_sip issue (#169616)
+       epatch ${FILESDIR}/1.0.0/${PN}-1.0.12-chan_sip.patch
+}
+
+src_compile() {
+       # build asterisk first...
+       einfo "Building Asterisk..."
+       cd ${S}
+       emake -j1 || die "Make failed"
+
+       # create api docs
+       use doc && \
+               emake -j1 progdocs
+
+       #
+       # add-ons
+       #
+       einfo "Building additional stuff..."
+       cd ${S_ADDONS}
+       emake -j1 || die "Make failed"
+
+       if use resperl; then
+               cd ${S_ADDONS}/res_perl
+               emake -j1 || die "Building embedded perl failed"
+       fi
+}
+
+src_install() {
+       make DESTDIR=${D} install || die "Make install failed"
+       make DESTDIR=${D} samples || die "Make install samples failed"
+
+       # install astconf.h, a lot of external modules need this
+       insinto /usr/include/asterisk
+       doins   astconf.h
+
+       # install addmailbox and astgenkey
+       dosbin contrib/scripts/addmailbox
+       dosbin contrib/scripts/astgenkey
+
+       newinitd ${FILESDIR}/1.0.0/asterisk.rc6.sec asterisk
+       newconfd ${FILESDIR}/1.0.0/asterisk.confd.sec asterisk
+
+       # don't delete these, even if they are empty
+       keepdir /var/spool/asterisk/voicemail/default/1234/INBOX
+       keepdir /var/spool/asterisk/tmp
+       keepdir /var/log/asterisk/cdr-csv
+       keepdir /var/run/asterisk
+
+       # install standard docs...
+       dodoc BUGS CREDITS LICENSE ChangeLog HARDWARE README README.fpm
+       dodoc SECURITY doc/CODING-GUIDELINES doc/linkedlists.README
+       dodoc doc/README.*
+       dodoc doc/*.txt
+
+       docinto scripts
+       dodoc contrib/scripts/*
+       docinto firmware/iax
+       dodoc contrib/firmware/iax/*
+
+       # install api docs
+       if use doc; then
+               insinto /usr/share/doc/${PF}/api/html
+               doins doc/api/html/*
+       fi
+
+       insinto /usr/share/doc/${PF}/cgi
+       doins contrib/scripts/vmail.cgi
+       doins images/*.gif
+
+       #
+       # add-ons
+       #
+
+       # install additional modules...
+       einfo "Installing additional modules..."
+       cd ${S_ADDONS}
+       make INSTALL_PREFIX=${D} install || die "Make install failed"
+
+       if use resperl; then
+               perlinfo
+
+               cd ${S_ADDONS}/res_perl
+               make INSTALL_PREFIX=${D} install || die "Installation of perl AST_API failed"
+
+               # move AstApiBase.so to a proper place
+               dodir ${VENDOR_LIB}/auto/AstAPIBase
+               mv ${D}/etc/asterisk/perl/AstAPIBase.so ${D}${VENDOR_LIB}/auto/AstAPIBase
+
+               # move *.pm files to other location
+               dodir ${VENDOR_LIB}/AstAPI
+               dodir ${VENDOR_LIB}/AstAPIBase
+               for x in AstAPI.pm AstConfig.pm LoadFile.pm PerlSwitch.pm WebServer.pm; do
+                       mv ${D}/etc/asterisk/perl/${x} ${D}${VENDOR_LIB}/AstAPI
+                       dosed "s/^use[\t ]\+${x/.pm/};/use AstAPI::${x/.pm/};/" /etc/asterisk/perl/asterisk_init.pm
+               done
+               mv ${D}/etc/asterisk/perl/AstAPIBase.pm ${D}${VENDOR_LIB}/AstAPIBase
+               dosed "s/^use[\t ]\+AstAPI;/use AstAPI::AstAPI;/" /etc/asterisk/perl/asterisk_init.pm
+               dosed "s/^use[\t ]\+AstAPIBase;/use AstAPIBase::AstAPIBase;/" ${VENDOR_LIB}/AstAPI/AstAPI.pm
+
+               # move apps + htdocs to a proper place
+               dodir /var/lib/asterisk/perl
+               mv ${D}/etc/asterisk/perl/{apps,htdocs} ${D}/var/lib/asterisk/perl
+
+               # fix locations
+               sed -i -e "s:/etc/asterisk/perl:/var/lib/asterisk/perl:" \
+                       ${D}${VENDOR_LIB}/AstAPI/LoadFile.pm ${D}${VENDOR_LIB}/AstAPI/WebServer.pm
+       fi
+}
+
+pkg_preinst() {
+       einfo "Adding asterisk user and group"
+       enewgroup asterisk
+       enewuser asterisk -1 -1 /var/lib/asterisk asterisk
+}
+
+pkg_postinst() {
+       #
+       # Change permissions and ownerships of asterisk
+       # directories and files
+       #
+       einfo "Fixing permissions and ownerships"
+       # fix permissions in /var/...
+       for x in spool run lib log; do
+               chown -R asterisk:asterisk ${ROOT}var/${x}/asterisk
+               chmod -R u=rwX,g=rX,o=     ${ROOT}var/${x}/asterisk
+       done
+
+       chown -R root:asterisk ${ROOT}etc/asterisk
+       chmod -R u=rwX,g=rX,o= ${ROOT}etc/asterisk
+
+       #
+       # Fix locations for old installations (pre-non-root versions)
+       #
+       if [[ -z "$(grep "/var/run/asterisk" ${ROOT}etc/asterisk/asterisk.conf)" ]]
+       then
+               elog "Fixing astrundir in ${ROOT}etc/asterisk/asterisk.conf"
+               mv -f ${ROOT}etc/asterisk/asterisk.conf \
+                       ${ROOT}etc/asterisk/asterisk.conf.bak
+               sed -e "s:^\(astrundir[\t ]=>\).*:\1 /var/run/asterisk:" \
+                       ${ROOT}etc/asterisk/asterisk.conf.bak >\
+                       ${ROOT}etc/asterisk/asterisk.conf
+               elog "Backup has been saved as ${ROOT}etc/asterisk/asterisk.conf.bak"
+       fi
+
+       #
+       # Some messages
+       #
+       einfo "Asterisk has been installed"
+       einfo ""
+       elog "to add new Mailboxes use: /usr/sbin/addmailbox"
+       echo
+       elog "If you want to know more about asterisk, visit these sites:"
+       elog "http://www.asteriskdocs.org/"
+       elog "http://www.voip-info.org/wiki-Asterisk"
+       echo
+       elog "http://asterisk.xvoip.com/"
+       elog "http://junghanns.net/asterisk/"
+       elog "http://www.automated.it/guidetoasterisk.htm"
+       echo
+       elog "Gentoo VoIP IRC Channel:"
+       elog "#gentoo-voip @ irc.freenode.net"
+
+       #
+       # Warning about security changes...
+       #
+       ewarn "*********************** Important changes **************************"
+       ewarn
+       ewarn "- Asterisk runs as user asterisk, group asterisk by default"
+       ewarn
+       ewarn "- Make sure the asterisk user is a member of the proper groups if you want it"
+       ewarn "  to have access to hardware devices, e.g. \"audio\" for Alsa and OSS sound or"
+       ewarn "  \"dialout\" for zaptel!"
+       ewarn
+       ewarn "- Permissions of /etc/asterisk have been changed to root:asterisk"
+       ewarn "  750 (rwxr-x--- directories) / 640 (rw-r----- files)"
+       ewarn
+       ewarn "- Permissions of /var/{log,lib,run,spool}/asterisk have been changed"
+       ewarn "  to asterisk:asterisk 750 / 640"
+       ewarn
+       ewarn "- Asterisk's unix socket and pidfile are now in /var/run/astrisk"
+       ewarn
+       ewarn "- Asterisk cannot set the IP ToS bits when run as user,"
+       ewarn "  use something like this to make iptables set them for you:"
+       ewarn "  \"iptables -A OUTPUT -t mangle -p udp -m udp --dport 5060 -j DSCP --set-dscp 0x28\""
+       ewarn "  \"iptables -A OUTPUT -t mangle -p udp -m udp --sport 10000:20000 -j DSCP --set-dscp 0x28\""
+       ewarn "  (taken from voip-info.org comments (see below), thanks andrewid)"
+       ewarn
+       ewarn "For more details:"
+       ewarn "     http://bugs.gentoo.org/show_bug.cgi?id=88732"
+       ewarn "     http://www.voip-info.org/wiki-Asterisk+non-root"
+}
diff --git a/net-misc/asterisk/files/1.0.0/asterisk-1.0.12-chan_sip.patch b/net-misc/asterisk/files/1.0.0/asterisk-1.0.12-chan_sip.patch

new file mode 100644 (file)

index 0000000..31aa97d
--- /dev/null
+++ b/net-misc/asterisk/files/1.0.0/asterisk-1.0.12-chan_sip.patch
@@ -0,0 +1,17 @@
+Ported from <http://svn.digium.com/view/asterisk?rev=57478&view=rev>.
+More information at <http://bugs.gentoo.org/169616>.
+--- channels/chan_sip.c.7221   2007-03-06 11:52:32.000000000 -0500
++++ channels/chan_sip.c        2007-03-06 12:18:50.000000000 -0500
+@@ -7293,6 +7293,12 @@
+                  increasing */
+               p->icseq = seqno;
+ 
++      if (!e && (strcasecmp(cmd, "INVITE") == 0 || strcasecmp(cmd, "SUBSCRIBE") == 0 || strcasecmp(cmd, "REGISTER") == 0 || strcasecmp(cmd, "NOTIFY") == 0)) {
++              transmit_response(p, "503 Server error", req);
++              p->needdestroy = 1;
++              return -1;
++      }
++
+       /* Initialize the context if it hasn't been already */
+       if (!strcasecmp(cmd, "OPTIONS")) {
+               res = get_destination(p, req);
diff --git a/net-misc/asterisk/files/digest-asterisk-1.0.12-r1 b/net-misc/asterisk/files/digest-asterisk-1.0.12-r1

new file mode 100644 (file)

index 0000000..39a3108
--- /dev/null
+++ b/net-misc/asterisk/files/digest-asterisk-1.0.12-r1
@@ -0,0 +1,9 @@
+MD5 d1a2f994cbeee02258c8da4a60b07bc1 asterisk-1.0.12.tar.gz 9641502
+RMD160 bb6d5d38e2945e43d367cb7aedf1e0f557808a29 asterisk-1.0.12.tar.gz 9641502
+SHA256 0b900a9614bb936334247ff6881edc9eb57d6a684fc5a4aab4e4dd4c7f597ff6 asterisk-1.0.12.tar.gz 9641502
+MD5 2b6e1da3ff097f9792d3123e7e5a0059 asterisk-addons-1.0.9.tar.gz 73716
+RMD160 98156861f790987fb4bf86b14c902aeca90b380b asterisk-addons-1.0.9.tar.gz 73716
+SHA256 4c878a4e5b5aabbdd93116ccbca5cf6465d55f480f4aa1e6438e9fc49c1f11fe asterisk-addons-1.0.9.tar.gz 73716
+MD5 4306e18c195e6b1a37af02fedd4a153e bristuff-0.2.0-RC8r.tar.gz 194888
+RMD160 d5dd31b9e4dcf30af6d2a62deb285a83f8a54019 bristuff-0.2.0-RC8r.tar.gz 194888
+SHA256 99f9da320d6335413384d12310e5ae9815572281c99d5908706022b6a4d6cb03 bristuff-0.2.0-RC8r.tar.gz 194888
author	Rajiv Aaron Manglani <rajiv@gentoo.org>
	Fri, 9 Mar 2007 20:25:10 +0000 (20:25 +0000)
committer	Rajiv Aaron Manglani <rajiv@gentoo.org>
	Fri, 9 Mar 2007 20:25:10 +0000 (20:25 +0000)
net-misc/asterisk/ChangeLog		patch \| blob \| history
net-misc/asterisk/Manifest		patch \| blob \| history
net-misc/asterisk/asterisk-1.0.12-r1.ebuild	[new file with mode: 0644]	patch \| blob
net-misc/asterisk/files/1.0.0/asterisk-1.0.12-chan_sip.patch	[new file with mode: 0644]	patch \| blob
net-misc/asterisk/files/digest-asterisk-1.0.12-r1	[new file with mode: 0644]	patch \| blob