authorJorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>2013-08-27 02:07:16 +0000
committerJorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>2013-08-27 02:07:16 +0000
commitb18b9936001fc7713f46f7197b1c577a3082ab52 (patch)
tree169a1ede674740c1ebfbe1e1bace48c279eb9090 /net-analyzer
parentBump cacti-spine to the 0.8.8b release. (diff)
Do a revision bump to add a patch to address http://bugs.cacti.net/view.php?id=2383 .
Fixes bug 482424 (CVE-2013-5588, CVE-2013-5589).
Diffstat (limited to 'net-analyzer')
-rw-r--r--net-analyzer/cacti/cacti-0.8.8b-r1.ebuild87
-rw-r--r--net-analyzer/cacti/files/cacti-r7420.patch150
2 files changed, 237 insertions, 0 deletions
diff --git a/net-analyzer/cacti/cacti-0.8.8b-r1.ebuild b/net-analyzer/cacti/cacti-0.8.8b-r1.ebuild
new file mode 100644
index 0000000..053d473
--- /dev/null
+++ b/net-analyzer/cacti/cacti-0.8.8b-r1.ebuild
@@ -0,0 +1,87 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+EAPI="4"
+
+inherit depend.php eutils webapp
+
+# Support for _p* in version.
+MY_P=${P/_p*/}
+
+DESCRIPTION="Cacti is a complete frontend to rrdtool"
+HOMEPAGE="http://www.cacti.net/"
+SRC_URI="http://www.cacti.net/downloads/${MY_P}.tar.gz"
+
+# patches
+UPSTREAM_PATCHES=""
+if [[ -n ${UPSTREAM_PATCHES} ]]; then
+ for i in ${UPSTREAM_PATCHES}; do
+ SRC_URI="${SRC_URI} http://www.cacti.net/downloads/patches/${PV/_p*}/${i}.patch"
+ done
+fi
+
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ppc ~ppc64 ~sparc ~x86"
+IUSE="snmp doc"
+
+need_httpd
+
+DEPEND=""
+RDEPEND="
+ dev-lang/php[cli,mysql,session,sockets,xml]
+ dev-php/adodb
+ net-analyzer/rrdtool
+ virtual/cron
+ virtual/mysql
+ snmp? ( >=net-analyzer/net-snmp-5.2.0 )
+"
+
+src_unpack() {
+ unpack ${MY_P}.tar.gz
+
+ if [[ -n ${UPSTREAM_PATCHES} ]]; then
+ [ ! ${MY_P} == ${P} ] && mv ${MY_P} ${P}
+ fi
+}
+
+src_prepare() {
+ # Patch to address http://bugs.cacti.net/view.php?id=2383
+ # Fixes bug 482424 (CVE-2013-5588, CVE-2013-5589)
+ epatch "${FILESDIR}/${PN}-r7420.patch"
+
+ if [[ -n ${UPSTREAM_PATCHES} ]]; then
+ for i in ${UPSTREAM_PATCHES} ; do
+ EPATCH_OPTS="-p1 -d ${S} -N" epatch "${DISTDIR}"/${i}.patch
+ done ;
+ fi
+
+ sed -i -e \
+ 's:$config\["library_path"\] . "/adodb/adodb.inc.php":"adodb/adodb.inc.php":' \
+ "${S}"/include/global.php || die
+
+ rm -rf lib/adodb || die # don't use bundled adodb
+}
+
+src_compile() { :; }
+
+src_install() {
+ webapp_src_preinst
+
+ rm LICENSE README || die
+ dodoc docs/{CHANGELOG,CONTRIB,README,txt/manual.txt} || die
+ use doc && dohtml -r docs/html/
+ rm -rf docs
+
+ edos2unix `find -type f -name '*.php'`
+
+ dodir ${MY_HTDOCSDIR}
+ cp -r . "${D}"${MY_HTDOCSDIR}
+
+ webapp_serverowned ${MY_HTDOCSDIR}/rra
+ webapp_serverowned ${MY_HTDOCSDIR}/log/cacti.log
+ webapp_configfile ${MY_HTDOCSDIR}/include/config.php
+ webapp_postinst_txt en "${FILESDIR}"/postinstall-en.txt
+
+ webapp_src_install
+}
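Review bot: In src_install, the backtick-substituted `find -type f -name '*.php'` passed to `edos2unix` is word-split by the shell, so a PHP file whose path contains whitespace would be handed over as broken fragments and keep its CRLF line endings. A NUL-delimited loop avoids this: `while IFS= read -r -d '' f; do edos2unix "${f}"; done < <(find . -type f -name '*.php' -print0)`. The same function leaves `${MY_HTDOCSDIR}` unquoted in `dodir` and `cp -r . "${D}"${MY_HTDOCSDIR}`, and `rm -rf docs` has no `|| die` while `rm -rf lib/adodb || die` in src_prepare does. Quoting the variable and adding the `|| die` would make the install phase consistent.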
diff --git a/net-analyzer/cacti/files/cacti-r7420.patch b/net-analyzer/cacti/files/cacti-r7420.patch
new file mode 100644
index 0000000..55a244e
--- /dev/null
+++ b/net-analyzer/cacti/files/cacti-r7420.patch
@@ -0,0 +1,150 @@
+Index: cacti-0.8.8b/host.php
+===================================================================
+--- cacti-0.8.8b/host.php (revision 7419)
++++ cacti-0.8.8b/host.php (revision 7420)
+@@ -149,6 +149,9 @@
+ if ($_POST["snmp_version"] == 3 && ($_POST["snmp_password"] != $_POST["snmp_password_confirm"])) {
+ raise_message(4);
+ }else{
++ input_validate_input_number(get_request_var_post("id"));
++ input_validate_input_number(get_request_var_post("host_template_id"));
++
+ $host_id = api_device_save($_POST["id"], $_POST["host_template_id"], $_POST["description"],
+ trim($_POST["hostname"]), $_POST["snmp_community"], $_POST["snmp_version"],
+ $_POST["snmp_username"], $_POST["snmp_password"],
+Index: cacti-0.8.8b/lib/api_device.php
+===================================================================
+--- cacti-0.8.8b/lib/api_device.php (revision 7419)
++++ cacti-0.8.8b/lib/api_device.php (revision 7420)
+@@ -107,7 +107,7 @@
+ $_host_template_id = db_fetch_cell("select host_template_id from host where id=$id");
+ }
+
+- $save["id"] = $id;
++ $save["id"] = form_input_validate($id, "id", "^[0-9]+$", false, 3);
+ $save["host_template_id"] = form_input_validate($host_template_id, "host_template_id", "^[0-9]+$", false, 3);
+ $save["description"] = form_input_validate($description, "description", "", false, 3);
+ $save["hostname"] = form_input_validate(trim($hostname), "hostname", "", false, 3);
+Index: cacti-0.8.8b/install/index.php
+===================================================================
+--- cacti-0.8.8b/install/index.php (revision 7419)
++++ cacti-0.8.8b/install/index.php (revision 7420)
+@@ -310,27 +310,28 @@
+ }
+
+ /* pre-processing that needs to be done for each step */
+-if (empty($_REQUEST["step"])) {
+- $_REQUEST["step"] = 1;
+-}else{
+- if ($_REQUEST["step"] == "1") {
+- $_REQUEST["step"] = "2";
+- }elseif (($_REQUEST["step"] == "2") && ($_REQUEST["install_type"] == "1")) {
+- $_REQUEST["step"] = "3";
+- }elseif (($_REQUEST["step"] == "2") && ($_REQUEST["install_type"] == "3")) {
+- $_REQUEST["step"] = "8";
+- }elseif (($_REQUEST["step"] == "8") && ($old_version_index <= array_search("0.8.5a", $cacti_versions))) {
+- $_REQUEST["step"] = "9";
+- }elseif ($_REQUEST["step"] == "8") {
+- $_REQUEST["step"] = "3";
+- }elseif ($_REQUEST["step"] == "9") {
+- $_REQUEST["step"] = "3";
+- }elseif ($_REQUEST["step"] == "3") {
+- $_REQUEST["step"] = "4";
++if (isset($_REQUEST["step"]) && $_REQUEST["step"] > 0) {
++ $step = intval($_REQUEST["step"]);
++ if ($step == "1") {
++ $step = "2";
++ } elseif (($step == "2") && ($_REQUEST["install_type"] == "1")) {
++ $step = "3";
++ } elseif (($step == "2") && ($_REQUEST["install_type"] == "3")) {
++ $step = "8";
++ } elseif (($step == "8") && ($old_version_index <= array_search("0.8.5a", $cacti_versions))) {
++ $step = "9";
++ } elseif ($step == "8") {
++ $step = "3";
++ } elseif ($step == "9") {
++ $step = "3";
++ } elseif ($step == "3") {
++ $step = "4";
+ }
++} else {
++ $step = 1;
+ }
+
+-if ($_REQUEST["step"] == "4") {
++if ($step == "4") {
+ include_once("../lib/data_query.php");
+ include_once("../lib/utility.php");
+
+@@ -366,7 +367,7 @@
+
+ header ("Location: ../index.php");
+ exit;
+-}elseif (($_REQUEST["step"] == "8") && ($_REQUEST["install_type"] == "3")) {
++}elseif (($step == "8") && ($_REQUEST["install_type"] == "3")) {
+ /* if the version is not found, die */
+ if (!is_int($old_version_index)) {
+ print " <p style='font-family: Verdana, Arial; font-size: 16px; font-weight: bold; color: red;'>Error</p>
+@@ -505,7 +506,7 @@
+ </tr>
+ <tr>
+ <td width="100%" style="font-size: 12px;">
+- <?php if ($_REQUEST["step"] == "1") { ?>
++ <?php if ($step == "1") { ?>
+
+ <p>Thanks for taking the time to download and install cacti, the complete graphing
+ solution for your network. Before you can start making cool graphs, there are a few
+@@ -530,7 +531,7 @@
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.</p>
+
+- <?php }elseif ($_REQUEST["step"] == "2") { ?>
++ <?php }elseif ($step == "2") { ?>
+
+ <p>Please select the type of installation</p>
+
+@@ -551,7 +552,7 @@
+ print "Server Operating System Type: " . $config["cacti_server_os"] . "<br>"; ?>
+ </p>
+
+- <?php }elseif ($_REQUEST["step"] == "3") { ?>
++ <?php }elseif ($step == "3") { ?>
+
+ <p>Make sure all of these values are correct before continuing.</p>
+ <?php
+@@ -609,7 +610,7 @@
+ is an upgrade. You can change any of the settings on this screen at a later
+ time by going to "Cacti Settings" from within Cacti.</p>
+
+- <?php }elseif ($_REQUEST["step"] == "8") { ?>
++ <?php }elseif ($step == "8") { ?>
+
+ <p>Upgrade results:</p>
+
+@@ -659,7 +660,7 @@
+ print $upgrade_results;
+ ?>
+
+- <?php }elseif ($_REQUEST["step"] == "9") { ?>
++ <?php }elseif ($step == "9") { ?>
+
+ <p style='font-size: 16px; font-weight: bold; color: red;'>Important Upgrade Notice</p>
+
+@@ -673,7 +674,7 @@
+
+ <?php }?>
+
+- <p align="right"><input type="image" src="install_<?php if ($_REQUEST["step"] == "3") {?>finish<?php }else{?>next<?php }?>.gif" alt="<?php if ($_REQUEST["step"] == "3"){?>Finish<?php }else{?>Next<?php }?>"></p>
++ <p align="right"><input type="image" src="install_<?php if ($step == "3") {?>finish<?php }else{?>next<?php }?>.gif" alt="<?php if ($step == "3"){?>Finish<?php }else{?>Next<?php }?>"></p>
+ </td>
+ </tr>
+ </table>
+@@ -681,7 +682,7 @@
+ </tr>
+ </table>
+
+-<input type="hidden" name="step" value="<?php print $_REQUEST["step"];?>">
++<input type="hidden" name="step" value="<?php print $step;?>">
+
+ </form>
+
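Review bot: In the lib/api_device.php section, the added `form_input_validate($id, "id", "^[0-9]+$", false, 3)` runs only after `$id` has already been interpolated into `db_fetch_cell("select host_template_id from host where id=$id")` on the context line just above it. That query is therefore still built from an unchecked value unless every caller validates first. host.php now does so with `input_validate_input_number(get_request_var_post("id"))`, but any other callers of api_device_save are not visible in this patch. Checking the value at the top of the function, e.g. `input_validate_input_number($id);` before the first query, would make the guard independent of the call site. The function begins and ends outside the hunk, so confirm that no earlier statement already constrains `$id`.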