Pullup ticket #4494 - requested by rodent

net/socat: security update

Revisions pulled up:
- net/socat/Makefile                                            1.32
- net/socat/distinfo                                            1.20
- net/socat/patches/patch-aa                                    deleted
- net/socat/patches/patch-configure                             1.2
- net/socat/patches/patch-mytypes.h                             1.2

---
   Module Name:	pkgsrc
   Committed By:	rodent
   Date:		Sun Sep  7 23:24:56 UTC 2014

   Modified Files:
   	pkgsrc/net/socat: Makefile distinfo
   	pkgsrc/net/socat/patches: patch-configure patch-mytypes.h
   Removed Files:
   	pkgsrc/net/socat/patches: patch-aa

   Log Message:
   Update to latest stable, 1.7.2.4, which is supposed to resolve CVE-2014-0019.
   patches/patch-aa seems to have been committed upstream. Passing readline
   location to configure and fixing CCOPTS in Makefile.in seems to not be
   necessary anymore. From CHANGES:

   ####################### V 1.7.2.4:

   corrections:
   	LISTEN based addresses applied some address options, e.g. so-keepalive,
   	to the listening file descriptor instead of the connected file
   	descriptor

   	make failed after configure with non gcc compiler due to missing
   	include.

   	configure checked for --disable-rawsocket but printed
   	--disable-genericsocket in the help text.

   	In xioshutdown() a wrong branch was chosen after RECVFROM type addresses.
   	Probably no impact.

   	procan could not cleanly format ulimit values longer than 16 decimal
   	digits. Thanks to Frank Dana for providing a patch that increases field
   	width to 24 digits.

   	OPENSSL-CONNECT with bind option failed on some systems, eg.FreeBSD, with
   	"Invalid argument"

   	Changed some variable definitions to make gcc -O2 aliasing checker happy

   	On big endian platforms with type long >32bit the range option applied a
   	bad base address.

   	Red Hat issue 1022070: missing length check in xiolog_ancillary_socket()

   	Red Hat issue 1022063: out-of-range shifts on net mask bits

   	Red Hat issue 1022062: strcpy misuse in xiosetsockaddrenv_ip4()

   	Red Hat issue 1022048: strncpy hardening: corrected suspicious strncpy()
   	uses

   	Red Hat issue 1021958: fixed a bug with faulty buffer/data length
   	calculation in xio-ascii.c:_xiodump()

   	Red Hat issue 1021972: fixed a missing NUL termination in return string
   	of sysutils.c:sockaddr_info() for the AF_UNIX case

   	fixed some typos and minor issues, including:
   	Red Hat issue 1021967: formatting error in manual page

   	UNIX-LISTEN with fork option did not remove the socket file system entry
   	when exiting. Other file system based passive address types had similar
   	issues or failed to apply options umask, user e.a.

   porting:
   	Red Hat issue 1020203: configure checks fail with some compilers.
   	Use case: clang

   	Performed changes for Fedora release 19

   	Adapted, improved test.sh script

   	Red Hat issue 1021429: getgroupent fails with large number of groups;
   	use getgrouplist() when available instead of sequence of calls to
   	getgrent()

   	Red Hat issue 1021948: snprintf API change;
   	Implemented xio_snprintf() function as wrapper that tries to emulate C99
   	behaviour on old glibc systems, and adapted all affected calls
   	appropriately

   	Mike Frysinger provided a patch that supports long long for time_t,
   	socklen_t and a few other libc types.

   	Artem Mygaiev extended Cedril Priscals Android build script with pty code

   	The check for fips.h required stddef.h

   	Check for linux/errqueue.h failed on some systems due to lack of
   	linux/types.h inclusion.

   	autoconf now prefers configure.ac over configure.in

   	type of struct cmsghdr.cmsg is system dependend, determine it with
   	configure; some more print format corrections

   docu:
   	libwrap always logs to syslog

   	added actual text version of GPLv2

   ####################### V 1.7.2.3:

   security:
   	CVE-2014-0019: socats PROXY-CONNECT address was vulnerable to a buffer
   	overflow with data from command line (see socat-secadv5.txt)

5 files changed, 16 insertions, 38 deletions

diff --git a/net/socat/Makefile b/net/socat/Makefile
index e14dc7cd198..d346e5ccf5f 100644
--- a/net/socat/Makefile
+++ b/net/socat/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.31 2014/02/12 23:18:26 tron Exp $
+# $NetBSD: Makefile,v 1.31.4.1 2014/09/19 11:30:10 tron Exp $
 
-DISTNAME=	socat-1.7.2.2
-PKGREVISION=	1
+DISTNAME=	socat-1.7.2.4
 CATEGORIES=	net
 MASTER_SITES=	http://www.dest-unreach.org/socat/download/
 
@@ -16,7 +15,6 @@ ONLY_FOR_COMPILER=	gcc	# uses -Werror in the configure script
 .include "../../mk/bsd.prefs.mk"
 
 CONFIGURE_ARGS+=	--disable-libwrap
-CONFIGURE_ARGS+=	--with-readline=${BUILDLINK_PREFIX.readline}
 
 .if !empty(USE_CROSS_COMPILE:M[yY][eE][sS]) && ${OPSYS} == "NetBSD"
 # XXX Kludge -- the right fix is to make socat not depend on these constants.
@@ -32,12 +30,6 @@ SUBST_STAGE.paths=	post-patch
 SUBST_FILES.paths=	doc/socat.1
 SUBST_SED.paths=	-e 's,/usr/,${PREFIX}/,g'
 
-SUBST_CLASSES+=		makefile
-SUBST_MESSAGE.makefile=	Fixing Makefile CCOPTS.
-SUBST_STAGE.makefile=	post-patch
-SUBST_FILES.makefile=	Makefile.in
-SUBST_SED.makefile=	-e '/CCOPTS/ s/-Wall -Wno-parentheses//'
-
 .include "options.mk"
 
 .include "../../security/openssl/buildlink3.mk"
diff --git a/net/socat/distinfo b/net/socat/distinfo
index 1169d0bf1d7..020f71f1955 100644
--- a/net/socat/distinfo
+++ b/net/socat/distinfo
@@ -1,8 +1,7 @@
-$NetBSD: distinfo,v 1.19 2013/10/21 09:54:11 fhajny Exp $
+$NetBSD: distinfo,v 1.19.6.1 2014/09/19 11:30:10 tron Exp $
 
-SHA1 (socat-1.7.2.2.tar.gz) = 588294c17373d52a8ac877dcd599ef26f14b110b
-RMD160 (socat-1.7.2.2.tar.gz) = 465923e2163530a99b40647865aee9ade62b0ebc
-Size (socat-1.7.2.2.tar.gz) = 564923 bytes
-SHA1 (patch-aa) = c10b68a5ca36ec27c6e77a01f6f89a832a4862eb
-SHA1 (patch-configure) = 5888fd4690bfc5acdd3319445a9b4e2192bd1276
-SHA1 (patch-mytypes.h) = 57769b4295812d15cee7e3d4200c5c0c365f7efd
+SHA1 (socat-1.7.2.4.tar.gz) = c33904b83295accef2aaff8adf7eedd3310f9777
+RMD160 (socat-1.7.2.4.tar.gz) = 034e7e1197339aa01d657d580fbc60d16ebf13dc
+Size (socat-1.7.2.4.tar.gz) = 583762 bytes
+SHA1 (patch-configure) = 2fb11fb9f5ab7ff911597fa9460226a913151bb1
+SHA1 (patch-mytypes.h) = d93e629e4aedae62ed6de2c30bf459c8af853a84
diff --git a/net/socat/patches/patch-aa b/net/socat/patches/patch-aa
deleted file mode 100644
index b52d7a4eb58..00000000000
--- a/net/socat/patches/patch-aa
+++ /dev/null
@@ -1,15 +0,0 @@
-$NetBSD: patch-aa,v 1.6 2009/03/11 08:40:32 apb Exp $
-
---- compat.h.orig	2008-10-05 22:23:07.000000000 +0200
-+++ compat.h
-@@ -232,6 +232,10 @@
- #define F_time "%ld"
- #  elif HAVE_BASIC_TIME_T==6
- #define F_time "%lu"
-+#  elif HAVE_BASIC_TIME_T==7
-+#define F_time "%lld"
-+#  elif HAVE_BASIC_TIME_T==8
-+#define F_time "%llu"
- #  else
- #error "HAVE_BASIC_TIME_T is out of range:" HAVE_BASIC_TIME_T
- #  endif
diff --git a/net/socat/patches/patch-configure b/net/socat/patches/patch-configure
index eae485a9981..12402054d54 100644
--- a/net/socat/patches/patch-configure
+++ b/net/socat/patches/patch-configure
@@ -1,10 +1,10 @@
-$NetBSD: patch-configure,v 1.1 2013/09/13 09:41:32 jperkin Exp $
+$NetBSD: patch-configure,v 1.1.8.1 2014/09/19 11:30:10 tron Exp $
 
 Include net/if.h for netinet/if_ether.h
 
---- configure.orig	2013-09-13 09:27:50.539358670 +0000
+--- configure.orig	2014-03-09 19:57:51.000000000 +0000
 +++ configure
-@@ -4625,7 +4625,11 @@ fi
+@@ -4671,7 +4671,11 @@ fi
  
  fi
  if test "$WITH_INTERFACE"; then
@@ -14,6 +14,6 @@ Include net/if.h for netinet/if_ether.h
 +	#include <net/if.h>
 +	#endif
 +"
- if test "x$ac_cv_header_netinet_if_ether_h" = x""yes; then :
+ if test "x$ac_cv_header_netinet_if_ether_h" = xyes; then :
    $as_echo "#define HAVE_NETINET_IF_ETHER_H 1" >>confdefs.h
  
diff --git a/net/socat/patches/patch-mytypes.h b/net/socat/patches/patch-mytypes.h
index 8e239af3d46..77de04f694b 100644
--- a/net/socat/patches/patch-mytypes.h
+++ b/net/socat/patches/patch-mytypes.h
@@ -1,6 +1,8 @@
-$NetBSD: patch-mytypes.h,v 1.1 2011/12/06 19:51:47 joerg Exp $
+$NetBSD: patch-mytypes.h,v 1.1.22.1 2014/09/19 11:30:10 tron Exp $
 
---- mytypes.h.orig	2011-12-06 16:32:43.000000000 +0000
+Use stdbool.
+
+--- mytypes.h.orig	2010-10-06 07:25:30.000000000 +0000
 +++ mytypes.h
 @@ -7,7 +7,7 @@