The actual fix as been done by "pkglint -F */*/buildlink3.mk", and was
reviewed manually.
There are some .include lines that still are indented with zero spaces
although the surrounding .if is indented. This is existing practice.
This changes the buildlink3.mk files to use an include guard for the
recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS,
BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new
variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of
enter/exit marker, which can be used to reconstruct the tree and
to determine first level includes. Avoiding := for large variables
(BUILDLINK_ORDER) speeds up parse time as += has linear complexity.
The include guard reduces system time by avoiding reading files over and
over again. For complex packages this reduces both %user and %sys time to
half of the former time.
- Added support for chaining modules within the version client library.
To use this, specify the module string as a list of modules separated
with commas. For example:
cvm-command:/path/to/module,cvm-local:/path/to/socket
This enhancement deprecates the cvm-chain module.
- Introduced an "out of scope" fact, to be used on credential rejection
results when the supplied credentials are outside of the scope of
authority of the module. The cvm-vmailmgr and cvm-qmail modules
report this fact as appropriate, and cvm-chain copies it as
appropriate from the modules it invokes.
- A random anti-spoofing tag is added to all version 2 client requests.
Its length is set by $CVM_RANDOM_BYTES and defaults to 8.
- Fixed a bug that caused the domain output to be set incorrectly when
doing qmail lookups with a domain not in the control files with
$CVM_QMAIL_ASSUME_LOCAL set.
and add a new helper target and script, "show-buildlink3", that outputs
a listing of the buildlink3.mk files included as well as the depth at
which they are included.
For example, "make show-buildlink3" in fonts/Xft2 displays:
zlib
fontconfig
iconv
zlib
freetype2
expat
freetype2
Xrender
renderproto
RECOMMENDED is removed. It becomes ABI_DEPENDS.
BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.
BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.
BUILDLINK_DEPENDS does not change.
IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".
Added to obsolete.mk checking for IGNORE_RECOMMENDED.
I did not manually go through and fix any aesthetic tab/spacing issues.
I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.
I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.
As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.
As discussed on tech-pkg.
I will commit to revbump, pkglint, pkg_install, createbuildlink separately.
Note that if you use wip, it will fail! I will commit to pkgsrc-wip
later (within day).
- Added an "autoconvert" mode to cvm-vmailmgr, which converts encrypted
passwords to plain-text on successful authentication if
$VMAILMGR_AUTOCONVERT is set.
- The reference source for the CVM interface.
- Diagnostic and benchmark CVM clients.
- A checkpassword interface CVM client.
- A UNIX/POSIX system module (uses getpwnam).
- A flat-file module.
- A vmailmgr module.
- MySQL and PgSQL modules.
- A library for client writers.
- A set of libraries for module writers.
