2015-06-28 20:50:37 +02:00
|
|
|
#!/bin/sh
|
|
|
|
#
|
|
|
|
# MAINTAINER: portmgr@FreeBSD.org
|
|
|
|
|
|
|
|
set -e
|
2020-11-11 14:29:52 +01:00
|
|
|
set -o pipefail
|
2015-06-28 20:50:37 +02:00
|
|
|
|
|
|
|
. ${dp_SCRIPTSDIR}/functions.sh
|
|
|
|
|
2015-07-01 22:08:26 +02:00
|
|
|
validate_env dp_RAWDEPENDS dp_DEPTYPE dp_DEPENDS_TARGET dp_DEPENDS_PRECLEAN \
|
2015-06-28 20:50:37 +02:00
|
|
|
dp_DEPENDS_CLEAN dp_DEPENDS_ARGS dp_USE_PACKAGE_DEPENDS \
|
|
|
|
dp_USE_PACKAGE_DEPENDS_ONLY dp_PKG_ADD dp_PKG_INFO dp_WRKDIR \
|
|
|
|
dp_PKGNAME dp_STRICT_DEPENDS dp_LOCALBASE dp_LIB_DIRS dp_SH \
|
2019-09-03 16:36:00 +02:00
|
|
|
dp_SCRIPTSDIR PORTSDIR dp_MAKE dp_MAKEFLAGS dp_OVERLAYS
|
2015-06-28 20:50:37 +02:00
|
|
|
|
2016-05-20 21:01:59 +02:00
|
|
|
[ -n "${DEBUG_MK_SCRIPTS}" -o -n "${DEBUG_MK_SCRIPTS_DO_DEPENDS}" ] && set -x
|
|
|
|
|
2015-06-28 20:50:37 +02:00
|
|
|
set -u
|
|
|
|
|
|
|
|
install_depends()
|
|
|
|
{
|
|
|
|
origin=$1
|
|
|
|
target=$2
|
|
|
|
depends_args=$3
|
|
|
|
if [ -z "${dp_USE_PACKAGE_DEPENDS}" -a -z "${dp_USE_PACKAGE_DEPENDS_ONLY}" ]; then
|
2017-12-07 02:51:00 +01:00
|
|
|
MAKEFLAGS="${dp_MAKEFLAGS}" ${dp_MAKE} -C ${origin} -DINSTALLS_DEPENDS ${target} ${depends_args}
|
2015-06-28 20:50:37 +02:00
|
|
|
return 0
|
|
|
|
fi
|
|
|
|
|
2016-06-24 07:04:33 +02:00
|
|
|
port_var_fetch "${origin}" "${depends_args}" \
|
|
|
|
PKGFILE pkgfile \
|
|
|
|
PKGBASE pkgbase
|
|
|
|
|
2015-06-28 20:50:37 +02:00
|
|
|
if [ -r "${pkgfile}" -a "${target}" = "${dp_DEPENDS_TARGET}" ]; then
|
|
|
|
echo "===> Installing existing package ${pkgfile}"
|
|
|
|
if [ "${pkgbase}" = "pkg" ]; then
|
|
|
|
[ -d ${dp_WRKDIR} ] || mkdir -p ${dp_WRKDIR}
|
|
|
|
tar xf ${pkgfile} -C ${dp_WRKDIR} -s ",/.*/,,g" "*/pkg-static"
|
|
|
|
${dp_WRKDIR}/pkg-static add ${pkgfile}
|
|
|
|
rm -f ${dp_WRKDIR}/pkg-static
|
|
|
|
else
|
|
|
|
${dp_PKG_ADD} -A ${pkgfile}
|
|
|
|
fi
|
|
|
|
elif [ -n "${dp_USE_PACKAGE_DEPENDS_ONLY}" -a "${target}" = "${dp_DEPENDS_TARGET}" ]; then
|
|
|
|
echo "===> ${dp_PKGNAME} depends on package: ${pkgfile} - not found" >&2
|
2016-06-24 06:53:45 +02:00
|
|
|
echo "===> USE_PACKAGE_DEPENDS_ONLY set - not building missing dependency from source" >&2
|
2015-06-28 20:50:37 +02:00
|
|
|
exit 1
|
|
|
|
else
|
2017-12-07 02:51:00 +01:00
|
|
|
MAKEFLAGS="${dp_MAKEFLAGS}" ${dp_MAKE} -C ${origin} -DINSTALLS_DEPENDS ${target} ${depends_args}
|
2015-06-28 20:50:37 +02:00
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
|
|
|
find_package()
|
|
|
|
{
|
|
|
|
if ${dp_PKG_INFO} "$1" >/dev/null 2>&1; then
|
|
|
|
echo "===> ${dp_PKGNAME} depends on package: $1 - found"
|
|
|
|
return 0
|
|
|
|
fi
|
2015-09-02 23:23:47 +02:00
|
|
|
echo "===> ${dp_PKGNAME} depends on package: $1 - not found"
|
2015-06-28 20:50:37 +02:00
|
|
|
return 1
|
|
|
|
}
|
|
|
|
|
|
|
|
find_file()
|
|
|
|
{
|
|
|
|
if [ -e "$1" ]; then
|
|
|
|
echo "===> ${dp_PKGNAME} depends on file: $1 - found"
|
|
|
|
return 0
|
|
|
|
fi
|
|
|
|
echo "===> ${dp_PKGNAME} depends on file: $1 - not found"
|
|
|
|
return 1
|
|
|
|
}
|
|
|
|
|
|
|
|
find_file_path()
|
|
|
|
{
|
|
|
|
if which -s $1 ; then
|
|
|
|
echo "===> ${dp_PKGNAME} depends on executable: $1 - found"
|
|
|
|
return 0
|
|
|
|
fi
|
|
|
|
echo "===> ${dp_PKGNAME} depends on executable: $1 - not found"
|
|
|
|
return 1
|
|
|
|
}
|
|
|
|
|
|
|
|
find_lib()
|
|
|
|
{
|
|
|
|
echo -n "===> ${dp_PKGNAME} depends on shared library: $1"
|
2015-06-30 21:54:23 +02:00
|
|
|
libfile=$(env -i PATH="${PATH}" LIB_DIRS="${dp_LIB_DIRS}" LOCALBASE="${dp_LOCALBASE}" ${dp_SH} ${dp_SCRIPTSDIR}/find-lib.sh $1)
|
2015-06-28 20:50:37 +02:00
|
|
|
if [ -z "${libfile}" ]; then
|
|
|
|
echo " - not found"
|
|
|
|
return 1
|
|
|
|
fi
|
|
|
|
echo " - found (${libfile})"
|
|
|
|
}
|
|
|
|
|
|
|
|
anynotfound=0
|
2015-11-13 19:00:34 +01:00
|
|
|
err=0
|
2015-06-28 20:50:37 +02:00
|
|
|
for _line in ${dp_RAWDEPENDS} ; do
|
Implement basic flavors.
**Do not start migrating any ports, a hook will prevent it**
This has been a long awaiting feature, most of the work has been done by
bapt, bdrewery and antoine, I am just the one actually doing the commit.
All this informations, and more to come are in the first link to our wiki
in the bottom block. A roadmap is in the second link.
To define a different flavors in a port, before any include, set:
FLAVORS= flavor1 flavor2 [...]
The first flavor in the list will be the default.
You can then check for flavors after includ'ing bsd.port.options.mk with:
.if ${FLAVOR} == flavor2
[some stuff]
.endif
To build flavor2, simply run:
make FLAVOR=flavor2
To depend on a specific flavor, write @<flavor> at the end of the depend
string, like:
RUN_DEPENDS= something:origin@foo
Submitted by: bapt, bdrewery, antoine
Reviewed by: portmgr
More infos: https://wiki.freebsd.org/Ports/FlavorsMigration
Todo List: https://wiki.freebsd.org/Ports/FlavorsAndSubPackages
With hat: portmgr
Differential Revision: https://reviews.freebsd.org/D10327
2017-09-26 16:14:44 +02:00
|
|
|
# ensure we never leak flavors
|
|
|
|
unset FLAVOR
|
2015-06-28 20:50:37 +02:00
|
|
|
myifs=${IFS}
|
|
|
|
IFS=:
|
|
|
|
set -- ${_line}
|
|
|
|
IFS=${myifs}
|
|
|
|
if [ $# -lt 2 -o $# -gt 3 ]; then
|
|
|
|
echo "Error: bad dependency syntax in ${dp_DEPTYPE}" >&2
|
Implement basic flavors.
**Do not start migrating any ports, a hook will prevent it**
This has been a long awaiting feature, most of the work has been done by
bapt, bdrewery and antoine, I am just the one actually doing the commit.
All this informations, and more to come are in the first link to our wiki
in the bottom block. A roadmap is in the second link.
To define a different flavors in a port, before any include, set:
FLAVORS= flavor1 flavor2 [...]
The first flavor in the list will be the default.
You can then check for flavors after includ'ing bsd.port.options.mk with:
.if ${FLAVOR} == flavor2
[some stuff]
.endif
To build flavor2, simply run:
make FLAVOR=flavor2
To depend on a specific flavor, write @<flavor> at the end of the depend
string, like:
RUN_DEPENDS= something:origin@foo
Submitted by: bapt, bdrewery, antoine
Reviewed by: portmgr
More infos: https://wiki.freebsd.org/Ports/FlavorsMigration
Todo List: https://wiki.freebsd.org/Ports/FlavorsAndSubPackages
With hat: portmgr
Differential Revision: https://reviews.freebsd.org/D10327
2017-09-26 16:14:44 +02:00
|
|
|
echo "expecting: pattern:origin[@flavour][:target]" >&2
|
2015-06-28 20:50:37 +02:00
|
|
|
echo "got: ${_line}" >&2
|
2015-11-13 19:00:34 +01:00
|
|
|
err=1
|
|
|
|
continue
|
2015-06-28 20:50:37 +02:00
|
|
|
fi
|
|
|
|
pattern=$1
|
|
|
|
origin=$2
|
|
|
|
last=${3:-}
|
|
|
|
|
|
|
|
if [ -z "${pattern}" ]; then
|
|
|
|
echo "Error: there is an empty port dependency in ${dp_DEPTYPE}" >&2
|
2015-11-13 19:00:34 +01:00
|
|
|
err=1
|
|
|
|
continue
|
2015-06-28 20:50:37 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -z "${origin}" ]; then
|
|
|
|
echo "Error: a dependency has an empty origin in ${dp_DEPTYPE}" >&2
|
2015-11-13 19:00:34 +01:00
|
|
|
err=1
|
|
|
|
continue
|
2015-06-28 20:50:37 +02:00
|
|
|
fi
|
|
|
|
|
2020-07-06 13:10:16 +02:00
|
|
|
case "${origin}" in
|
|
|
|
*@*/*) ;; # Ignore @ in the path which would not be a flavor
|
|
|
|
*@*)
|
|
|
|
export FLAVOR="${origin##*@}"
|
|
|
|
origin=${origin%@*}
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
2015-06-28 20:50:37 +02:00
|
|
|
case "${origin}" in
|
|
|
|
/*) ;;
|
2019-09-03 16:36:00 +02:00
|
|
|
*)
|
|
|
|
for overlay in ${dp_OVERLAYS} ${PORTSDIR}; do
|
|
|
|
orig="${overlay}/${origin}"
|
|
|
|
if [ -f "${orig}/Makefile" ]; then
|
|
|
|
break
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
origin="${orig}"
|
|
|
|
;;
|
2015-06-28 20:50:37 +02:00
|
|
|
esac
|
|
|
|
|
|
|
|
depends_args="${dp_DEPENDS_ARGS}"
|
|
|
|
target=${dp_DEPENDS_TARGET}
|
|
|
|
if [ -n "${last}" ]; then
|
Force ports depending on a fetch target to actually run checksum.
This prevents an improbable MITM attack on dependencies where the target
is "fetch" and the port is built manuallt. (Which means a port depends
on a dependency being fetched, but not built or anything else.) In this
case, as the target is only "fetch", the distribution files of the
dependency are not checked against the dependency's distinfo file. One
could, in theory, impersonate the dependency's master site and provide a
malicious distribution file.
The ports that could in theory be affected are russian/gd, ukrainian/gd,
and ukrainian/webalizer. They are only affected when building manually,
as when building with poudriere, the *-depends target do not have
network access, and the build would fail if the distribution files are
not already present. (From the dependencies being built normally, where
checksum would have ran.)
The detail is described here:
https://www.reddit.com/r/BSD/comments/br62hm/freebsd_cryptographic_bypass_and_mitmbased/
Reported by: emaste (on IRC)
Reviewed by: swills emaste antoine
MFH: 2019Q3
Differential Revision: https://reviews.freebsd.org/D21230
2019-08-13 12:31:18 +02:00
|
|
|
# In case we depend on the fetch stage, actually run checksum,
|
|
|
|
# this prevent a MITM attack.
|
|
|
|
if [ "${last}" = "fetch" ]; then
|
|
|
|
target=checksum
|
|
|
|
else
|
|
|
|
target=${last}
|
|
|
|
fi
|
2015-06-28 20:50:37 +02:00
|
|
|
if [ -n "${dp_DEPENDS_PRECLEAN}" ]; then
|
|
|
|
target="clean ${target}"
|
2016-10-31 21:54:50 +01:00
|
|
|
depends_args="${depends_args:+${depends_args} }NOCLEANDEPENDS=yes"
|
2015-06-28 20:50:37 +02:00
|
|
|
fi
|
|
|
|
if [ -n "${dp_DEPENDS_CLEAN}" ]; then
|
|
|
|
target="${target} clean"
|
2016-10-31 21:54:50 +01:00
|
|
|
depends_args="${depends_args:+${depends_args} }NOCLEANDEPENDS=yes"
|
2015-06-28 20:50:37 +02:00
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2015-07-24 12:11:18 +02:00
|
|
|
case ${dp_DEPTYPE} in
|
|
|
|
LIB_DEPENDS)
|
|
|
|
case ${pattern} in
|
|
|
|
lib*.so*) fct=find_lib ;;
|
|
|
|
*)
|
|
|
|
echo "Error: pattern ${pattern} in LIB_DEPENDS is not valid"
|
2015-11-13 19:00:34 +01:00
|
|
|
err=1
|
|
|
|
continue
|
|
|
|
;;
|
2015-07-24 12:11:18 +02:00
|
|
|
esac ;;
|
|
|
|
*)
|
|
|
|
case ${pattern} in
|
|
|
|
*\>*|*\<*|*=*) fct=find_package ;;
|
|
|
|
/nonexistent) fct=false ;;
|
|
|
|
/*) fct=find_file ;;
|
|
|
|
*) fct=find_file_path ;;
|
|
|
|
esac ;;
|
2015-06-28 20:50:37 +02:00
|
|
|
esac
|
|
|
|
if ${fct} "${pattern}" ; then
|
|
|
|
continue
|
|
|
|
fi
|
|
|
|
[ ${pattern} = "/nonexistent" ] || anynotfound=1
|
|
|
|
|
2015-11-13 19:00:34 +01:00
|
|
|
if [ ! -f "${origin}/Makefile" ]; then
|
|
|
|
echo "Error a dependency refers to a non existing origin: ${origin} in ${dp_DEPTYPE}" >&2
|
|
|
|
err=1
|
|
|
|
continue
|
|
|
|
fi
|
|
|
|
|
2015-06-28 20:50:37 +02:00
|
|
|
# Now actually install the dependencies
|
|
|
|
install_depends "${origin}" "${target}" "${depends_args}"
|
|
|
|
# Recheck if the installed dependency validates the pattern except for /nonexistent
|
|
|
|
[ "${fct}" = "false" ] || ${fct} "${pattern}"
|
|
|
|
echo "===> Returning to build of ${dp_PKGNAME}"
|
|
|
|
done
|
|
|
|
|
2015-11-13 19:00:34 +01:00
|
|
|
if [ $err -eq 1 ]; then
|
|
|
|
echo "Errors with dependencies."
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
2015-06-28 20:50:37 +02:00
|
|
|
if [ -n "${dp_STRICT_DEPENDS}" -a ${anynotfound} -eq 1 ]; then \
|
2020-04-11 01:28:56 +02:00
|
|
|
echo "===> STRICT_DEPENDS set - Not installing missing dependencies."
|
2015-06-28 20:50:37 +02:00
|
|
|
echo " This means a dependency is wrong since it was not satisfied in the ${dp_DEPTYPE} phase."
|
|
|
|
exit 1
|
|
|
|
fi
|