summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAvatar Timo Gurr <tgurr@exherbo.org> 2019-01-10 17:25:34 +0100
committerAvatar Timo Gurr <tgurr@exherbo.org> 2019-01-10 17:25:34 +0100
commitc4fde8b10fbc09175f78c4d3f9e40da26e656405 (patch)
treec64c2161b47216b670c041bd9dee98ea178fe6d8
parent831fb191fe212ee4a60841b1d7c4f134c1cf618d (diff)
downloadnet-c4fde8b10fbc09175f78c4d3f9e40da26e656405.tar.gz
net-c4fde8b10fbc09175f78c4d3f9e40da26e656405.tar.xz
synapse: version bump to 0.34.1.1, fixes CVE-2019-5885
-rw-r--r--metadata/repository_mask.conf7
-rw-r--r--packages/net/synapse/files/systemd/synapse.service17
-rw-r--r--packages/net/synapse/synapse-0.34.1.1.exheres-0 (renamed from packages/net/synapse/synapse-0.34.0.exheres-0)28
3 files changed, 44 insertions, 8 deletions
diff --git a/metadata/repository_mask.conf b/metadata/repository_mask.conf
index 562dab7..7986a6a 100644
--- a/metadata/repository_mask.conf
+++ b/metadata/repository_mask.conf
@@ -284,3 +284,10 @@ dev-db/mariadb[>10.3] [[
token = testing
description = [ Give it a bit of time to make sure nothing major breaks ]
]]
+
+net/synapse[<0.34.1.1] [[
+ author = [ Timo Gurr <tgurr@exherbo.org> ]
+ date = [ 10 Jan 2019 ]
+ token = security
+ description = [ CVE-2019-5885 ]
+]]
diff --git a/packages/net/synapse/files/systemd/synapse.service b/packages/net/synapse/files/systemd/synapse.service
new file mode 100644
index 0000000..8f575ab
--- /dev/null
+++ b/packages/net/synapse/files/systemd/synapse.service
@@ -0,0 +1,17 @@
+[Unit]
+Description=Synapse Matrix homeserver
+
+[Service]
+Type=simple
+Restart=on-abort
+
+User=synapse
+Group=synapse
+
+WorkingDirectory=/var/lib/synapse
+ExecStart=/usr/bin/python2.7 -m synapse.app.homeserver --config-path=/etc/synapse/homeserver.yaml
+ExecStop=/usr/bin/synctl stop /etc/synapse/homeserver.yaml
+
+[Install]
+WantedBy=multi-user.target
+
diff --git a/packages/net/synapse/synapse-0.34.0.exheres-0 b/packages/net/synapse/synapse-0.34.1.1.exheres-0
index 8acee7b..512a7eb 100644
--- a/packages/net/synapse/synapse-0.34.0.exheres-0
+++ b/packages/net/synapse/synapse-0.34.1.1.exheres-0
@@ -1,9 +1,9 @@
-# Copyright 2018 Timo Gurr <tgurr@exherbo.org>
+# Copyright 2018-2019 Timo Gurr <tgurr@exherbo.org>
# Distributed under the terms of the GNU General Public License v2
require github [ user=matrix-org tag=v${PV} ] \
setup-py [ import=setuptools has_bin=true multibuild=false test=pytest ] \
- systemd-service [ systemd_files=[ contrib/systemd/synapse.service ] ]
+ systemd-service
SUMMARY="Matrix reference homeserver"
DESCRIPTION="
@@ -41,7 +41,6 @@ DEPENDENCIES="
dev-python/pymacaroons[>=0.13.0][python_abis:*(-)?]
dev-python/pynacl[>=1.2.1][python_abis:*(-)?]
dev-python/pyopenssl[>=16.0.0][python_abis:*(-)?]
- dev-python/pysaml2[>=3.0.0][python_abis:*(-)?]
dev-python/PyYAML[>=3.11][python_abis:*(-)?]
dev-python/service_identity[>=16.0.0][python_abis:*(-)?]
dev-python/signedjson[>=1.0.0][python_abis:*(-)?]
@@ -51,12 +50,24 @@ DEPENDENCIES="
dev-python/unpaddedbase64[>=1.1.0][python_abis:*(-)?]
net-twisted/Twisted[>=17.1.0][python_abis:*(-)?]
suggestion:
+ dev-python/Jinja2[>=2.9][python_abis:*(-)?] [[
+ description = [ Required for consent tracking and mail notifications ]
+ ]]
+ dev-python/bleach[>=1.4.2][python_abis:*(-)?] [[
+ description = [ Required for mail notifications ]
+ ]]
+ dev-python/lxml[>=3.5.0][python_abis:*(-)?] [[
+ description = [ Required for URL preview support ]
+ ]]
dev-python/matrix-synapse-ldap3[>=0.1][python_abis:*(-)?] [[
description = [ Adds LDAP authentification support to Synapse ]
]]
dev-python/psycopg2[>=2.6][python_abis:*(-)?] [[
description = [ Required for PostgreSQL support ]
]]
+ dev-python/pysaml2[>=3.0.0][python_abis:*(-)?] [[
+ description = [ Required for SAML 2.0 single sign-on support ]
+ ]]
"
src_prepare() {
@@ -64,13 +75,9 @@ src_prepare() {
# https://github.com/matrix-org/synapse/issues/3164
edo sed \
+ -e 's:msgpack-python:msgpack:g' \
-e 's:pymacaroons-pynacl:pymacaroons:g' \
-i synapse/python_dependencies.py
-
- # works with Python3
- edo sed \
- -e "s:/usr/bin/python2.7:${PYTHON}:g" \
- -i contrib/systemd/synapse.service
}
src_install() {
@@ -80,6 +87,11 @@ src_install() {
edo chown synapse:synapse "${IMAGE}"/var/lib/synapse
install_systemd_files
+
+ # works with Python3
+ edo sed \
+ -e "s:/usr/bin/python2.7:${PYTHON}:" \
+ -i "${IMAGE}"/${SYSTEMDSYSTEMUNITDIR}/${PN}.service
}
pkg_postinst() {