pool/avahi
SHA256
17
0
Fork 1
Code Issues Pull Requests Activity

Compare commits

merge into: pool:factory
Branches Tags
pool:factory pool:slfo-1.2 pool:slfo-main
...
pull from: pool:slfo-1.2
Branches Tags
pool:factory pool:slfo-1.2 pool:slfo-main

1 Commits
factory ... slfo-1.2

Author SHA256 Message Date
Antonio Larrosa
bf62461780 Build with Qt6, disable building with Qt5 in SLE16, fix for 
CVE-2024-52615, bsc#1233421

This is a migration of https://build.suse.de/request/show/385109 with
an added fix from Factory
 2025-10-01 17:19:03 +02:00
6 changed files with 639 additions and 116 deletions
Expand all files Collapse all files

316
0001-Enable-building-with-Qt6.patch Normal file
View File

@@ -0,0 +1,316 @@
From fdc30aff1e72ba22aff11e2d9c0ab486ba63d1a6 Mon Sep 17 00:00:00 2001
From: Antonio Larrosa <antonio.larrosa@gmail.com>
Date: Fri, 30 May 2025 11:42:02 +0200
Subject: [PATCH] Enable building with Qt6
---
Makefile.am | 10 ++++++++
acinclude.m4 | 2 +-
avahi-qt/Makefile.am | 22 +++++++++++++++++
avahi-qt/qt-watch.cpp | 10 ++++----
avahi-qt6.pc.in | 11 +++++++++
common/qt-pie.m4 | 55 +++++++++++++++++++++++++++++++++++++++++++
common/qt5-pie.m4 | 27 ---------------------
configure.ac | 31 +++++++++++++++++++++++-
8 files changed, 135 insertions(+), 33 deletions(-)
create mode 100644 avahi-qt6.pc.in
create mode 100644 common/qt-pie.m4
delete mode 100644 common/qt5-pie.m4
diff --git a/Makefile.am b/Makefile.am
index 352cdcf25..3df371ad3 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -45,6 +45,7 @@ EXTRA_DIST = \
avahi-qt3.pc.in \
avahi-qt4.pc.in \
avahi-qt5.pc.in \
+ avahi-qt6.pc.in \
avahi-sharp.pc.in \
avahi-ui-sharp.pc.in \
avahi-compat-libdns_sd.pc.in \
@@ -108,6 +109,10 @@ if HAVE_QT5
DX_INPUT += \
$(srcdir)/avahi-qt/qt-watch.h
endif
+if HAVE_QT6
+DX_INPUT += \
+ $(srcdir)/avahi-qt/qt-watch.h
+endif
endif
if HAVE_GLIB
@@ -236,6 +241,11 @@ pkgconfig_DATA += avahi-qt5.pc
CLEANFILES += avahi-qt5.pc
endif
+if HAVE_QT6
+pkgconfig_DATA += avahi-qt6.pc
+CLEANFILES += avahi-qt6.pc
+endif
+
if HAVE_LIBEVENT
pkgconfig_DATA += avahi-libevent.pc
CLEANFILES += avahi-libevent.pc
diff --git a/acinclude.m4 b/acinclude.m4
index ccf2ac616..ac922456e 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -1,2 +1,2 @@
sinclude(common/doxygen.m4)
-sincldue(common/qt5-pie.m4)
+sincldue(common/qt-pie.m4)
diff --git a/avahi-qt/Makefile.am b/avahi-qt/Makefile.am
index b404810f7..78069b56c 100644
--- a/avahi-qt/Makefile.am
+++ b/avahi-qt/Makefile.am
@@ -87,4 +87,26 @@ libavahi_qt5_la_LIBADD = $(AM_LDADD) ../avahi-common/libavahi-common.la $(QT5_LI
libavahi_qt5_la_LDFLAGS = $(AM_LDFLAGS) -version-info $(LIBAVAHI_QT5_VERSION_INFO)
endif
+if HAVE_QT6
+
+avahiqt6includedir=$(includedir)/avahi-qt6
+avahiqt6include_HEADERS = \
+ qt-watch.h
+
+lib_LTLIBRARIES += \
+ libavahi-qt6.la
+
+BUILT_SOURCES += qt-watch.moc6
+
+libavahi_qt6_la_SOURCES = \
+ qt-watch.cpp
+
+qt-watch.moc6: qt-watch.cpp
+ $(AM_V_GEN)$(MOC_QT6) $^ > $@
+
+libavahi_qt6_la_CPPFLAGS = $(AM_CFLAGS) --std=gnu++17 $(QT6_CFLAGS) -DQT6 $(VISIBILITY_HIDDEN_CFLAGS)
+libavahi_qt6_la_LIBADD = $(AM_LDADD) ../avahi-common/libavahi-common.la $(QT6_LIBS)
+libavahi_qt6_la_LDFLAGS = $(AM_LDFLAGS) -version-info $(LIBAVAHI_QT6_VERSION_INFO)
+endif
+
CLEANFILES = $(BUILT_SOURCES)
diff --git a/avahi-qt/qt-watch.cpp b/avahi-qt/qt-watch.cpp
index 14e0c6e6a..cd18bee3d 100644
--- a/avahi-qt/qt-watch.cpp
+++ b/avahi-qt/qt-watch.cpp
@@ -18,7 +18,7 @@
***/
#include <sys/time.h>
-#if defined(QT5) || defined(QT4)
+#if defined(QT6) || defined(QT5) || defined(QT4)
#include <QSocketNotifier>
#include <QObject>
#include <QTimer>
@@ -114,7 +114,7 @@ AvahiTimeout::AvahiTimeout(const struct timeval* tv, AvahiTimeoutCallback callba
m_callback(callback), m_userdata(userdata)
{
connect(&m_timer, SIGNAL(timeout()), this, SLOT(timeout()));
-#if defined(QT5) || defined(QT4)
+#if defined(QT6) || defined(QT5) || defined(QT4)
m_timer.setSingleShot(true);
#endif
update(tv);
@@ -125,7 +125,7 @@ void AvahiTimeout::update(const struct timeval *tv)
m_timer.stop();
if (tv) {
AvahiUsec u = avahi_age(tv)/1000;
-#if defined(QT5) || defined(QT4)
+#if defined(QT6) || defined(QT5) || defined(QT4)
m_timer.start( (u>0) ? 0 : -u);
#else
m_timer.start( (u>0) ? 0 : -u,true);
@@ -191,7 +191,9 @@ const AvahiPoll* avahi_qt_poll_get(void)
return &qt_poll;
}
-#if defined(QT5)
+#if defined(QT6)
+#include "qt-watch.moc6"
+#elif defined(QT5)
#include "qt-watch.moc5"
#elif defined(QT4)
#include "qt-watch.moc4"
diff --git a/avahi-qt6.pc.in b/avahi-qt6.pc.in
new file mode 100644
index 000000000..ce9f13758
--- /dev/null
+++ b/avahi-qt6.pc.in
@@ -0,0 +1,11 @@
+prefix=@prefix@
+exec_prefix=${prefix}
+libdir=@libdir@
+includedir=${prefix}/include
+
+Name: avahi-qt6
+Description: Avahi Multicast DNS Responder (QT6 Support)
+Version: @PACKAGE_VERSION@
+Requires: Qt6Core >= 6.0.0
+Libs: -L${libdir} -lavahi-qt6
+Cflags: -D_REENTRANT -I${includedir}
diff --git a/common/qt-pie.m4 b/common/qt-pie.m4
new file mode 100644
index 000000000..8f35e548b
--- /dev/null
+++ b/common/qt-pie.m4
@@ -0,0 +1,55 @@
+AC_DEFUN([AC_AVAHI_QT5_ADD_PIC_IF_NEEDED],
+[
+ AC_LANG_PUSH([C++])
+ save_CPPFLAGS="$CPPFLAGS"
+ CPPFLAGS="$CPPFLAGS $QT5_CFLAGS"
+ AC_MSG_CHECKING([whether Qt works without -fPIC])
+ AC_PREPROC_IFELSE(
+ [AC_LANG_SOURCE([[#include <QtCore>]])],
+ [AC_MSG_RESULT(yes)],
+ [
+ AC_MSG_RESULT(no)
+ AC_MSG_CHECKING([whether Qt works with -fPIC])
+ CPPFLAGS="$CPPFLAGS -fPIC"
+ AC_PREPROC_IFELSE(
+ [AC_LANG_SOURCE([[#include <QtCore>]])],
+ [
+ AC_MSG_RESULT(yes)
+ QT5_CFLAGS="$QT5_CFLAGS -fPIC"
+ ],
+ [
+ AC_MSG_RESULT(no)
+ AC_MSG_ERROR(Couldn't compile Qt without -fPIC nor with -fPIC)
+ ])
+ ])
+ CPPFLAGS="$save_CPPFLAGS"
+ AC_LANG_POP([C++])
+])
+
+AC_DEFUN([AC_AVAHI_QT6_ADD_PIC_IF_NEEDED],
+[
+ AC_LANG_PUSH([C++])
+ save_CPPFLAGS="$CPPFLAGS"
+ CPPFLAGS="$CPPFLAGS $QT6_CFLAGS"
+ AC_MSG_CHECKING([whether Qt works without -fPIC])
+ AC_PREPROC_IFELSE(
+ [AC_LANG_SOURCE([[#include <QtCore>]])],
+ [AC_MSG_RESULT(yes)],
+ [
+ AC_MSG_RESULT(no)
+ AC_MSG_CHECKING([whether Qt works with -fPIC])
+ CPPFLAGS="$CPPFLAGS -fPIC"
+ AC_PREPROC_IFELSE(
+ [AC_LANG_SOURCE([[#include <QtCore>]])],
+ [
+ AC_MSG_RESULT(yes)
+ QT6_CFLAGS="$QT6_CFLAGS -fPIC"
+ ],
+ [
+ AC_MSG_RESULT(no)
+ AC_MSG_ERROR(Couldn't compile Qt without -fPIC nor with -fPIC)
+ ])
+ ])
+ CPPFLAGS="$save_CPPFLAGS"
+ AC_LANG_POP([C++])
+])
diff --git a/common/qt5-pie.m4 b/common/qt5-pie.m4
deleted file mode 100644
index 10d564c8f..000000000
--- a/common/qt5-pie.m4
+++ /dev/null
@@ -1,27 +0,0 @@
-AC_DEFUN([AC_AVAHI_QT_ADD_PIC_IF_NEEDED],
-[
- AC_LANG_PUSH([C++])
- save_CPPFLAGS="$CPPFLAGS"
- CPPFLAGS="$CPPFLAGS $QT5_CFLAGS"
- AC_MSG_CHECKING([whether Qt works without -fPIC])
- AC_PREPROC_IFELSE(
- [AC_LANG_SOURCE([[#include <QtCore>]])],
- [AC_MSG_RESULT(yes)],
- [
- AC_MSG_RESULT(no)
- AC_MSG_CHECKING([whether Qt works with -fPIC])
- CPPFLAGS="$CPPFLAGS -fPIC"
- AC_PREPROC_IFELSE(
- [AC_LANG_SOURCE([[#include <QtCore>]])],
- [
- AC_MSG_RESULT(yes)
- QT5_CFLAGS="$QT5_CFLAGS -fPIC"
- ],
- [
- AC_MSG_RESULT(no)
- AC_MSG_ERROR(Couldn't compile Qt without -fPIC nor with -fPIC)
- ])
- ])
- CPPFLAGS="$save_CPPFLAGS"
- AC_LANG_POP([C++])
-])
diff --git a/configure.ac b/configure.ac
index 31bce3d76..5959df14e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -36,6 +36,7 @@ AC_SUBST(LIBAVAHI_GOBJECT_VERSION_INFO, [0:5:0])
AC_SUBST(LIBAVAHI_QT3_VERSION_INFO, [1:2:0])
AC_SUBST(LIBAVAHI_QT4_VERSION_INFO, [1:2:0])
AC_SUBST(LIBAVAHI_QT5_VERSION_INFO, [1:2:0])
+AC_SUBST(LIBAVAHI_QT6_VERSION_INFO, [1:2:0])
AC_SUBST(LIBAVAHI_UI_VERSION_INFO, [1:4:1])
# Do not touch these, since they we took this version-info from upstream HOWL/Bonjour
@@ -557,7 +558,7 @@ AC_ARG_ENABLE(qt5,
if test "x$HAVE_QT5" = "xyes" ; then
PKG_CHECK_MODULES( QT5, [ Qt5Core >= 5.0.0 ])
- AC_AVAHI_QT_ADD_PIC_IF_NEEDED
+ AC_AVAHI_QT5_ADD_PIC_IF_NEEDED
AC_SUBST(QT5_CFLAGS)
AC_SUBST(QT5_LIBS)
QT5_PREFIX="`$PKG_CONFIG --variable=host_bins Qt5Core`"
@@ -569,6 +570,32 @@ if test "x$HAVE_QT5" = "xyes" ; then
fi
AM_CONDITIONAL(HAVE_QT5, test "x$HAVE_QT5" = "xyes")
+#
+# Check for Qt 6
+#
+AC_ARG_ENABLE(qt6,
+ AS_HELP_STRING([--disable-qt6],[Disable building of Qt6Core mainloop integration]),
+ [case "${enableval}" in
+ yes) HAVE_QT6=yes ;;
+ no) HAVE_QT6=no ;;
+ *) AC_MSG_ERROR(bad value ${enableval} for --enable-qt6) ;;
+ esac],
+ [HAVE_QT6=yes])
+
+if test "x$HAVE_QT6" = "xyes" ; then
+ PKG_CHECK_MODULES( QT6, [ Qt6Core >= 6.0.0 ])
+ AC_AVAHI_QT6_ADD_PIC_IF_NEEDED
+ AC_SUBST(QT6_CFLAGS)
+ AC_SUBST(QT6_LIBS)
+ QT6_PREFIX="`$PKG_CONFIG --variable=libexecdir Qt6Core`"
+ AC_PATH_PROGS(MOC_QT6, [moc-qt6 moc], no, [$QT6_PREFIX])
+ if test "$MOC_QT6" = no; then
+ AC_MSG_ERROR([Could not find QT6 moc])
+ fi
+ AC_SUBST(MOC_QT6)
+fi
+AM_CONDITIONAL(HAVE_QT6, test "x$HAVE_QT6" = "xyes")
+
#
# Check for GTK+ 2.0
#
@@ -1222,6 +1249,7 @@ echo "
Enable QT3: ${HAVE_QT3}
Enable QT4: ${HAVE_QT4}
Enable QT5: ${HAVE_QT5}
+ Enable QT6: ${HAVE_QT6}
Enable Mono: ${HAVE_MONO}
Enable Monodoc: ${HAVE_MONODOC}
Distribution/OS: ${with_distro}
@@ -1292,6 +1320,7 @@ echo "\
Building libavahi-qt3: ${HAVE_QT3}
Building libavahi-qt4: ${HAVE_QT4}
Building libavahi-qt5: ${HAVE_QT5}
+ Building libavahi-qt6: ${HAVE_QT6}
Building avahi-sharp: ${HAVE_MONO}
Building avahi-compat-libdns_sd: ${ENABLE_COMPAT_LIBDNS_SD}
Building avahi-compat-howl: ${ENABLE_COMPAT_HOWL}

1
_multibuild
View File

@@ -1,4 +1,5 @@
<multibuild>
<package>qt6</package>
<package>qt5</package>
<package>glib2</package>
</multibuild>

227
avahi-CVE-2024-52615.patch Normal file
View File

@@ -0,0 +1,227 @@
From 4e2e1ea0908d7e6ad7f38ae04fdcdf2411f8b942 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 27 Nov 2024 18:07:32 +0100
Subject: [PATCH] core/wide-area: fix for CVE-2024-52615
---
avahi-core/wide-area.c | 128 ++++++++++++++++++++++-------------------
1 file changed, 69 insertions(+), 59 deletions(-)
diff --git a/avahi-core/wide-area.c b/avahi-core/wide-area.c
index 00a1505..06df7af 100644
--- a/avahi-core/wide-area.c
+++ b/avahi-core/wide-area.c
@@ -81,6 +81,10 @@ struct AvahiWideAreaLookup {
AvahiAddress dns_server_used;
+ int fd;
+ AvahiWatch *watch;
+ AvahiProtocol proto;
+
AVAHI_LLIST_FIELDS(AvahiWideAreaLookup, lookups);
AVAHI_LLIST_FIELDS(AvahiWideAreaLookup, by_key);
};
@@ -88,9 +92,6 @@ struct AvahiWideAreaLookup {
struct AvahiWideAreaLookupEngine {
AvahiServer *server;
- int fd_ipv4, fd_ipv6;
- AvahiWatch *watch_ipv4, *watch_ipv6;
-
/* Cache */
AVAHI_LLIST_HEAD(AvahiWideAreaCacheEntry, cache);
AvahiHashmap *cache_by_key;
@@ -125,35 +126,67 @@ static AvahiWideAreaLookup* find_lookup(AvahiWideAreaLookupEngine *e, uint16_t i
return l;
}
+static void socket_event(AVAHI_GCC_UNUSED AvahiWatch *w, int fd, AVAHI_GCC_UNUSED AvahiWatchEvent events, void *userdata);
+
static int send_to_dns_server(AvahiWideAreaLookup *l, AvahiDnsPacket *p) {
+ AvahiWideAreaLookupEngine *e;
AvahiAddress *a;
+ AvahiServer *s;
+ AvahiWatch *w;
+ int r;
assert(l);
assert(p);
- if (l->engine->n_dns_servers <= 0)
+ e = l->engine;
+ assert(e);
+
+ s = e->server;
+ assert(s);
+
+ if (e->n_dns_servers <= 0)
return -1;
- assert(l->engine->current_dns_server < l->engine->n_dns_servers);
+ assert(e->current_dns_server < e->n_dns_servers);
- a = &l->engine->dns_servers[l->engine->current_dns_server];
+ a = &e->dns_servers[e->current_dns_server];
l->dns_server_used = *a;
- if (a->proto == AVAHI_PROTO_INET) {
+ if (l->fd >= 0) {
+ /* We are reusing lookup object and sending packet to another server so let's cleanup before we establish connection to new server. */
+ s->poll_api->watch_free(l->watch);
+ l->watch = NULL;
- if (l->engine->fd_ipv4 < 0)
- return -1;
+ close(l->fd);
+ l->fd = -EBADF;
+ }
- return avahi_send_dns_packet_ipv4(l->engine->fd_ipv4, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv4, AVAHI_DNS_PORT);
+ assert(a->proto == AVAHI_PROTO_INET || a->proto == AVAHI_PROTO_INET6);
- } else {
- assert(a->proto == AVAHI_PROTO_INET6);
+ if (a->proto == AVAHI_PROTO_INET)
+ r = s->config.use_ipv4 ? avahi_open_unicast_socket_ipv4() : -1;
+ else
+ r = s->config.use_ipv6 ? avahi_open_unicast_socket_ipv6() : -1;
- if (l->engine->fd_ipv6 < 0)
- return -1;
+ if (r < 0) {
+ avahi_log_error(__FILE__ ": Failed to create socket for wide area lookup");
+ return -1;
+ }
- return avahi_send_dns_packet_ipv6(l->engine->fd_ipv6, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv6, AVAHI_DNS_PORT);
+ w = s->poll_api->watch_new(s->poll_api, r, AVAHI_WATCH_IN, socket_event, l);
+ if (!w) {
+ close(r);
+ avahi_log_error(__FILE__ ": Failed to create socket watch for wide area lookup");
+ return -1;
}
+
+ l->fd = r;
+ l->watch = w;
+ l->proto = a->proto;
+
+ return a->proto == AVAHI_PROTO_INET ?
+ avahi_send_dns_packet_ipv4(l->fd, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv4, AVAHI_DNS_PORT):
+ avahi_send_dns_packet_ipv6(l->fd, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv6, AVAHI_DNS_PORT);
}
static void next_dns_server(AvahiWideAreaLookupEngine *e) {
@@ -246,6 +279,9 @@ AvahiWideAreaLookup *avahi_wide_area_lookup_new(
l->dead = 0;
l->key = avahi_key_ref(key);
l->cname_key = avahi_key_new_cname(l->key);
+ l->fd = -EBADF;
+ l->watch = NULL;
+ l->proto = AVAHI_PROTO_UNSPEC;
l->callback = callback;
l->userdata = userdata;
@@ -314,6 +350,12 @@ static void lookup_destroy(AvahiWideAreaLookup *l) {
if (l->cname_key)
avahi_key_unref(l->cname_key);
+ if (l->watch)
+ l->engine->server->poll_api->watch_free(l->watch);
+
+ if (l->fd >= 0)
+ close(l->fd);
+
avahi_free(l);
}
@@ -572,14 +614,20 @@ finish:
}
static void socket_event(AVAHI_GCC_UNUSED AvahiWatch *w, int fd, AVAHI_GCC_UNUSED AvahiWatchEvent events, void *userdata) {
- AvahiWideAreaLookupEngine *e = userdata;
+ AvahiWideAreaLookup *l = userdata;
+ AvahiWideAreaLookupEngine *e = l->engine;
AvahiDnsPacket *p = NULL;
- if (fd == e->fd_ipv4)
- p = avahi_recv_dns_packet_ipv4(e->fd_ipv4, NULL, NULL, NULL, NULL, NULL);
+ assert(l);
+ assert(e);
+ assert(l->fd == fd);
+
+ if (l->proto == AVAHI_PROTO_INET)
+ p = avahi_recv_dns_packet_ipv4(l->fd, NULL, NULL, NULL, NULL, NULL);
else {
- assert(fd == e->fd_ipv6);
- p = avahi_recv_dns_packet_ipv6(e->fd_ipv6, NULL, NULL, NULL, NULL, NULL);
+ assert(l->proto == AVAHI_PROTO_INET6);
+
+ p = avahi_recv_dns_packet_ipv6(l->fd, NULL, NULL, NULL, NULL, NULL);
}
if (p) {
@@ -598,32 +646,6 @@ AvahiWideAreaLookupEngine *avahi_wide_area_engine_new(AvahiServer *s) {
e->server = s;
e->cleanup_dead = 0;
- /* Create sockets */
- e->fd_ipv4 = s->config.use_ipv4 ? avahi_open_unicast_socket_ipv4() : -1;
- e->fd_ipv6 = s->config.use_ipv6 ? avahi_open_unicast_socket_ipv6() : -1;
-
- if (e->fd_ipv4 < 0 && e->fd_ipv6 < 0) {
- avahi_log_error(__FILE__": Failed to create wide area sockets: %s", strerror(errno));
-
- if (e->fd_ipv6 >= 0)
- close(e->fd_ipv6);
-
- if (e->fd_ipv4 >= 0)
- close(e->fd_ipv4);
-
- avahi_free(e);
- return NULL;
- }
-
- /* Create watches */
-
- e->watch_ipv4 = e->watch_ipv6 = NULL;
-
- if (e->fd_ipv4 >= 0)
- e->watch_ipv4 = s->poll_api->watch_new(e->server->poll_api, e->fd_ipv4, AVAHI_WATCH_IN, socket_event, e);
- if (e->fd_ipv6 >= 0)
- e->watch_ipv6 = s->poll_api->watch_new(e->server->poll_api, e->fd_ipv6, AVAHI_WATCH_IN, socket_event, e);
-
e->n_dns_servers = e->current_dns_server = 0;
/* Initialize cache */
@@ -651,18 +673,6 @@ void avahi_wide_area_engine_free(AvahiWideAreaLookupEngine *e) {
avahi_hashmap_free(e->lookups_by_id);
avahi_hashmap_free(e->lookups_by_key);
- if (e->watch_ipv4)
- e->server->poll_api->watch_free(e->watch_ipv4);
-
- if (e->watch_ipv6)
- e->server->poll_api->watch_free(e->watch_ipv6);
-
- if (e->fd_ipv6 >= 0)
- close(e->fd_ipv6);
-
- if (e->fd_ipv4 >= 0)
- close(e->fd_ipv4);
-
avahi_free(e);
}
@@ -680,7 +690,7 @@ void avahi_wide_area_set_servers(AvahiWideAreaLookupEngine *e, const AvahiAddres
if (a) {
for (e->n_dns_servers = 0; n > 0 && e->n_dns_servers < AVAHI_WIDE_AREA_SERVERS_MAX; a++, n--)
- if ((a->proto == AVAHI_PROTO_INET && e->fd_ipv4 >= 0) || (a->proto == AVAHI_PROTO_INET6 && e->fd_ipv6 >= 0))
+ if (a->proto == AVAHI_PROTO_INET || a->proto == AVAHI_PROTO_INET6)
e->dns_servers[e->n_dns_servers++] = *a;
} else {
assert(n == 0);
--
2.49.0

24
avahi.changes
View File

@@ -1,3 +1,27 @@
-------------------------------------------------------------------
Mon Sep 15 14:32:04 UTC 2025 - Cliff Zhao <qzhao@suse.com>
- Add avahi-CVE-2024-52615.patch:
Backport 4e2e1ea from upstream, Resolve fixed source ports for
wide-area DNS queries cause DNS responses be injected.
(CVE-2024-52615, bsc#1233421)
-------------------------------------------------------------------
Fri May 30 09:51:51 UTC 2025 - Antonio Larrosa <alarrosa@suse.com>
- Add patch submitted to upstream at
to enable building with Qt6 and add that flavor:
0001-Enable-building-with-Qt6.patch
- Disable building the Qt5 flavor in SLE16.
-------------------------------------------------------------------
Fri May 23 07:43:38 UTC 2025 - Bjørn Lie <bjorn.lie@gmail.com>
- Drop obsolete update-desktop-files BuildRequires and macro.
Replace with desktop-file-utils BuildRequires.
- Drop unneeded update_spec.pl source, not needed since change to
proper multibuild.
-------------------------------------------------------------------
Wed Nov 20 10:09:45 UTC 2024 - Cliff Zhao <qzhao@suse.com>

81
avahi.spec
View File

@@ -1,7 +1,7 @@
#
# spec file for package avahi
#
# Copyright (c) 2024 SUSE LLC
# Copyright (c) 2025 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -19,25 +19,39 @@
%define _name avahi
%global flavor @BUILD_FLAVOR@%{nil}
%if "%{flavor}" == "qt6"
%global psuffix -qt6
%global build_qt6 1
%global build_qt5 0
%global build_glib2 0
%global build_core 0
%else
%if "%{flavor}" == "qt5"
%global psuffix -qt5
%global build_qt6 0
%global build_qt5 1
%global build_glib2 0
%global build_core 0
%if 0%{suse_version} == 1600 && ! 0%{?is_openSUSE}
ExclusiveArch: donotbuild
%endif
%else
%if "%{flavor}" == "glib2"
%global psuffix -glib2
# NOTE: build_glib2 also controls build of gobject, gtk3 and pygobject code.
%global build_qt6 0
%global build_qt5 0
%global build_glib2 1
%global build_core 0
%else
%global psuffix %{nil}
%global build_qt6 0
%global build_qt5 0
%global build_glib2 0
%global build_core 1
%endif
%endif
%endif
%define avahi_client_sover 3
%define avahi_common_sover 3
%define avahi_core_sover 7
@@ -48,6 +62,7 @@
%define avahi_gobject_sover 0
%define avahi_gtk3_sover 0
%define avahi_qt5_sover 1
%define avahi_qt6_sover 1
%if %{build_glib2}
%define debug_package_requires libavahi-ui%{avahi_ui_sover} = %{version}-%{release}
%endif
@@ -72,7 +87,6 @@ Source14: avahi-autoipd.sysusers
# File missing from 0.8 tarball
Source12: https://raw.githubusercontent.com/lathiat/avahi/master/service-type-database/build-db
Source100: attributes
Source101: update_spec.pl
Source102: baselibs.conf
Source103: avahi-rpmlintrc
# PATCH-FIX-OPENSUSE avahi-gacdir.patch -- Mono libs are in $prefix/lib on suse
@@ -117,6 +131,10 @@ Patch35: avahi-CVE-2023-38471.patch
Patch36: avahi-filter-bogus-services.patch
# PATCH-FIX-UPSTREAM avahi-CVE-2024-52616.patch CVE-2024-52616 bsc#1233420 qzhao@suse.com -- Properly randomize query id of DNS packets.
Patch37: avahi-CVE-2024-52616.patch
# PATCH-FIX-UPSTREAM 0001-Enable-building-with-Qt6.patch alarrosa@suse.com -- Port to build with qt6 (https://github.com/avahi/avahi/pull/704)
Patch38: 0001-Enable-building-with-Qt6.patch
# PATCH-FIX-UPSTREAM avahi-CVE-2024-52615.patch CVE-2024-52615 bsc#1233421 qzhao@suse.com -- Resolve fixed source ports for wide-area DNS queries cause DNS responses be injected.
Patch39: avahi-CVE-2024-52615.patch
BuildRequires: fdupes
BuildRequires: gcc-c++
BuildRequires: gdbm-devel
@@ -147,10 +165,10 @@ Obsoletes: mDNSResponder < 107.5
#Conflicts: avahi-utils <= 0.6.31-9.2
%endif
%if %{build_glib2}
BuildRequires: desktop-file-utils
BuildRequires: gobject-introspection-devel
BuildRequires: gtk3-devel
BuildRequires: libavahi-devel = %{version}
BuildRequires: update-desktop-files
BuildRequires: pkgconfig(pygobject-3.0)
%endif
%if %{build_qt5}
@@ -159,6 +177,12 @@ BuildRequires: libavahi-devel = %{version}
BuildRequires: pkgconfig(Qt5Core)
Requires: libavahi-client%{avahi_client_sover} >= %{version}
%endif
%if %{build_qt6}
BuildRequires: dbus-1-devel
BuildRequires: libavahi-devel = %{version}
BuildRequires: pkgconfig(Qt6Core)
Requires: libavahi-client%{avahi_client_sover} >= %{version}
%endif
BuildRequires: python-rpm-macros
%if %{build_core}
BuildRequires: %{python_module dbm}
@@ -425,7 +449,6 @@ Obsoletes: avahi-glib2-utils-gtk < %{version}
Avahi is an implementation of the DNS Service Discovery and Multicast
DNS specifications for Zeroconf Computing.
# This is the avahi-discover command, only provided for the primary python3 flavor
%package -n python3-avahi-gtk
@@ -500,6 +523,30 @@ Avahi is an implementation of the DNS Service Discovery and Multicast DNS
specifications for Zeroconf Computing.
%endif
%if %{build_qt6}
%package -n libavahi-qt6-%{avahi_qt6_sover}
Summary: Qt6 Bindings for avahi, the D-Bus Service for Zeroconf and Bonjour
Group: System/Libraries
%description -n libavahi-qt6-%{avahi_qt6_sover}
Qt6 support for Avahi.
Avahi is an implementation of the DNS Service Discovery and Multicast DNS
specifications for Zeroconf Computing.
%package -n libavahi-qt6-devel
Summary: Header files for Avahi's Qt6 bindings
Group: Development/Libraries/C and C++
Requires: libavahi-devel = %{version}
Requires: libavahi-qt6-%{avahi_qt6_sover} = %{version}
%description -n libavahi-qt6-devel
Development files for the Qt6 support for Avahi.
Avahi is an implementation of the DNS Service Discovery and Multicast DNS
specifications for Zeroconf Computing.
%endif
%prep
%setup -q -n %{_name}-%{version}
cp -a %{SOURCE5} sysconfig.avahi
@@ -564,6 +611,11 @@ export PYTHON=%{_bindir}/$python
%else
--disable-qt5\
%endif
%if %{build_qt6}
--enable-qt6\
%else
--disable-qt6\
%endif
%ifarch ppc64 ppc64le s390x
--disable-monodoc\
%endif
@@ -599,7 +651,7 @@ cd ..
done
cd -
%endif
%if %{build_qt5} && !%{build_core}
%if (%{build_qt5} || %{build_qt6}) && !%{build_core}
cd avahi-qt
%endif
%make_install
@@ -674,11 +726,6 @@ rmdir %{buildroot}/%{_datadir}/avahi/interfaces
rmdir %{buildroot}/%{_datadir}/avahi
%endif
%endif
%if %{build_glib2}
%suse_update_desktop_file avahi-discover
%suse_update_desktop_file bvnc
%suse_update_desktop_file bssh
%endif
%fdupes %{buildroot}/%{_libdir}
%pre -f avahi.pre
@@ -724,6 +771,9 @@ fi
%if %{build_qt5}
%ldconfig_scriptlets -n libavahi-qt5-%{avahi_qt5_sover}
%endif
%if %{build_qt6}
%ldconfig_scriptlets -n libavahi-qt6-%{avahi_qt6_sover}
%endif
%post -n python3-avahi-gtk
%desktop_database_post
@@ -930,4 +980,15 @@ fi
%{_libdir}/pkgconfig/avahi-qt5.pc
%endif
%if %{build_qt6}
%files -n libavahi-qt6-%{avahi_qt6_sover}
%{_libdir}/libavahi-qt6.so.*
%files -n libavahi-qt6-devel
%{_includedir}/avahi-qt6
%{_libdir}/libavahi-qt6.*a
%{_libdir}/libavahi-qt6.so
%{_libdir}/pkgconfig/avahi-qt6.pc
%endif
%changelog

106
update_spec.pl
View File

@@ -1,106 +0,0 @@
#! /usr/bin/perl
my $name = $ARGV[0];
$name =~ s,.*/,,;
$name =~ s,\.spec.*,,;
my %attributes = ();
open(FILE, $ARGV[1]) || die 'no attributes';
my $pack = undef;
my $text = undef;
while ( <FILE> ) {
if (/^\+(.*)$/) { $pack = $1; $text = ''; next }
if (/^-(.*)$/) {
if ($pack ne $1) {
die "$pack and $1 do not match";
}
$text =~ s,^\s*,,;
$text =~ s,\s*$,,;
$attributes{$pack} = $text;
$text = undef;
$pack = undef;
next;
}
if (defined $text) {
$text .= $_;
} elsif (/^(\S*)\s*(.*)$/) {
my $attr = $1;
my $string = $2;
$string =~ s,^\s*,,;
$string =~ s,\s*$,,;
$attributes{$attr} = $string;
}
}
close(FILE);
open(FILE, $ARGV[0]);
sub description()
{
if (/^%description\s*(.*)\s*/) {
my $suffix = $1;
my $pname = $name;
if ($suffix =~ m/-n\s*(.*)/) {
$pname = $1;
} else {
$pname = "$name-$suffix" if ($suffix);
}
if (defined $attributes{"description.$pname"}) {
print $_;
my $descr = $attributes{"description.$pname"};
print "$descr\n";
$_ = '';
do {
$_ = <FILE>;
} while ( $_ !~ /^%/ && $_ !~ /^@/ );
print "\n";
description();
}
}
}
# current subpackage
my $pname = $name;
while ( <FILE> )
{
if (/^Name:\s*(.*)/) {
$name = $1;
$pname = $1;
}
description();
if (/^%package\s*(.*)/) {
my $suffix = $1;
if ($suffix =~ m/-n\s*(.*)/) {
$pname = $1;
} else {
$pname = "$name-$1";
}
}
if (/^(Summary:\s*)(.*)$/) {
if (defined $attributes{"summary.$pname"}) {
print $1 . $attributes{"summary.$pname"} ."\n";
next;
}
}
if (/^(License:\s*)(.*)$/) {
if (defined $attributes{"license.$pname"}) {
print $1 . $attributes{"license.$pname"} ."\n";
next;
}
}
if (/^(Group:\s*)(.*)$/) {
if (defined $attributes{"group.$pname"}) {
print $1 . $attributes{"group.$pname"} ."\n";
next;
}
}
print $_;
}
close(FILE);