From patchwork Fri Aug 9 10:37:33 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 7948 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4WgL2v4zwSz3wyK for ; Fri, 9 Aug 2024 10:37:43 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "E5" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4WgL2r6WcYz4RS; Fri, 9 Aug 2024 10:37:40 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4WgL2r4XCKz33ww; Fri, 9 Aug 2024 10:37:40 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4WgL2n4LCmz33mK for ; Fri, 9 Aug 2024 10:37:37 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4WgL2m5myjz4RS; Fri, 9 Aug 2024 10:37:36 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1723199856; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=w7oDCN/WiXcRa5HTyHBh94ZNv1y0kaf5W8bhmigATdw=; b=gz5tE+nOPHxAz14QJg02LFEkP2lugWGEO+wVT5B0eFxSlFMsUtXreP9R9oZJUmyfGy37/w 3WDPsXpnwF0JTkCw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1723199856; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=w7oDCN/WiXcRa5HTyHBh94ZNv1y0kaf5W8bhmigATdw=; b=cfUgkXs/Xe/L1uv4OsYmC7gzqmkFPI6jkD3iHjl3DaM61Uc4a13gABuPUn3PFvBVOFMjLG CCZRgm5EcOFm93NaSE/yETnVpuK8moe9bNBSEaoLb7bkFznjZ07d2gozJ5o2fBMDB3iTIp uni9vtMgx3bMsqa7McV58PTZ4J1H52EH8M0iTUa37FmVbvkwdOgOArMb0FS2MZTu7BwlZd SMgBsU5BaavKoIPU86IaJBpcKC37Qyst1GqmCT6SoTKQ4bRatCRBTt37lFnHRADHbHqqFr WwGIf7qJXJpEDPaU/VDaCnhu64nHLJ3KoURrSxN9BeSBzn0Sdc+UMAP/SLmToA== From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH 1/2] libgcrypt: Update to version 1.11.0 Date: Fri, 9 Aug 2024 12:37:33 +0200 Message-ID: <20240809103734.5486-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Message-ID-Hash: O6WQ76GI76EJ4FRCC4MSYYOUKRWOQOX4 X-Message-ID-Hash: O6WQ76GI76EJ4FRCC4MSYYOUKRWOQOX4 X-MailFrom: adolf.belka@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: - Update from version 1.10.3 to 1.11.0 - Update of rootfile - Update of libgcrypt requires an update of netatalk as old version will not build with libgcrypt-1.11.0 - Changelog 1.11.0 * New and extended interfaces: - Add an API for Key Encapsulation Mechanism (KEM). [T6755] - Add Streamlined NTRU Prime sntrup761 algorithm. [rCcf9923e1a5] - Add Kyber algorithm according to FIPS 203 ipd 2023-08-24. [rC18e5c0d268] - Add Classic McEliece algorithm. [rC003367b912] - Add One-Step KDF with hash and MAC. [T5964] - Add KDF algorithm HKDF of RFC-5869. [T5964] - Add KDF algorithm X963KDF for use in CMS. [rC3abac420b3] - Add GMAC-SM4 and Poly1305-SM4. [rCd1ccc409d4] - Add ARIA block cipher algorithm. [rC316c6d7715] - Add explicit FIPS indicators for MD and MAC algorithms. [T6376] - Add support for SHAKE as MGF in RSA. [T6557] - Add gcry_md_read support for SHAKE algorithms. [T6539] - Add gcry_md_hash_buffers_ext function. [T7035] - Add cSHAKE hash algorithm. [rC065b3f4e02] - Support internal generation of IV for AEAD cipher mode. [T4873] * Performance: - Add SM3 ARMv8/AArch64/CE assembly implementation. [rCfe891ff4a3] - Add SM4 ARMv8/AArch64 assembly implementation. [rCd8825601f1] - Add SM4 GFNI/AVX2 and GFI/AVX512 implementation. [rC5095d60af4,rCeaed633c16] - Add SM4 ARMv9 SVE CE assembly implementation. [rC2dc2654006] - Add PowerPC vector implementation of SM4. [rC0b2da804ee] - Optimize ChaCha20 and Poly1305 for PPC P10 LE. [T6006] - Add CTR32LE bulk acceleration for AES on PPC. [rC84f2e2d0b5] - Add generic bulk acceleration for CTR32LE mode (GCM-SIV) for SM4 and Camellia. [rCcf956793af] - Add GFNI/AVX2 implementation of Camellia. [rC4e6896eb9f] - Add AVX2 and AVX512 accelerated implementations for GHASH (GCM) and POLYVAL (GCM-SIV). [rCd857e85cb4, rCe6f3600193] - Add AVX512 implementation for SHA512. [rC089223aa3b] - Add AVX512 implementation for Serpent. [rCce95b6ec35] - Add AVX512 implementation for Poly1305 and ChaCha20 [rCcd3ed49770, rC9a63cfd617] - Add AVX512 accelerated implementation for SHA3 and Blake2 [rCbeaad75f46,rC909daa700e] - Add VAES/AVX2 accelerated i386 implementation for AES. [rC4a42a042bc] - Add bulk processing for XTS mode of Camellia and SM4. [rC32b18cdb87, rCaad3381e93] - Accelerate XTS and ECB modes for Twofish and Serpent. [rCd078a928f5,rC8a1fe5f78f] - Add AArch64 crypto/SHA512 extension implementation for SHA512. [rCe51d3b8330] - Add AArch64 crypto-extension implementation for Camellia. [rC898c857206] - Accelerate OCB authentication on AMD with AVX2. [rC6b47e85d65] * Bug fixes: - For PowerPC check for missing optimization level for vector register usage. [T5785] - Fix EdDSA secret key check. [T6511] - Fix decoding of PKCS#1-v1.5 and OAEP padding. [rC34c2042792] - Allow use of PKCS#1-v1.5 with SHA3 algorithms. [T6976] - Fix AESWRAP padding length check. [T7130] * Other: - Allow empty password for Argon2 KDF. [rCa20700c55f] - Various constant time operation imporvements. - Add "bp256", "bp384", "bp512" aliases for Brainpool curves. - Support for the random server has been removed. [T5811] - The control code GCRYCTL_ENABLE_M_GUARD is deprecated and not supported any more. Please use valgrind or other tools. [T5822] - Logging is now done via the libgpg-error logging functions. [rCab0bdc72c7] Signed-off-by: Adolf Belka --- config/rootfiles/common/libgcrypt | 3 +-- lfs/libgcrypt | 4 ++-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/config/rootfiles/common/libgcrypt b/config/rootfiles/common/libgcrypt index f08cf1db3..d00f191b7 100644 --- a/config/rootfiles/common/libgcrypt +++ b/config/rootfiles/common/libgcrypt @@ -1,12 +1,11 @@ #usr/bin/dumpsexp #usr/bin/hmac256 -#usr/bin/libgcrypt-config #usr/bin/mpicalc #usr/include/gcrypt.h #usr/lib/libgcrypt.la #usr/lib/libgcrypt.so usr/lib/libgcrypt.so.20 -usr/lib/libgcrypt.so.20.4.3 +usr/lib/libgcrypt.so.20.5.0 #usr/lib/pkgconfig/libgcrypt.pc #usr/share/aclocal/libgcrypt.m4 #usr/share/info/gcrypt.info diff --git a/lfs/libgcrypt b/lfs/libgcrypt index dfd7a9a2f..341683bfb 100644 --- a/lfs/libgcrypt +++ b/lfs/libgcrypt @@ -24,7 +24,7 @@ include Config -VER = 1.10.3 +VER = 1.11.0 THISAPP = libgcrypt-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 1a228e02820e886016eb55dee75936c4422a15fb4f95a2f9bcd1e4faac4015d4321c7c8d23f164eb08ece5d62935ab3b3d3104eabfdd22db997ab3e5689dfa6f +$(DL_FILE)_BLAKE2 = fe3f42480c0b9a0c50c24f4c54197404b4e1056d8baa9c0c07c671c9c05b90777580b4cbcde931b50ecb4dd93f5ddad89cea99aa36a35f86f796a003e3816f7d install : $(TARGET) From patchwork Fri Aug 9 10:37:34 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 7949 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4WgL2w6DNDz3wyK for ; Fri, 9 Aug 2024 10:37:44 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "E5" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4WgL2s1cDVz5n2; Fri, 9 Aug 2024 10:37:41 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4WgL2r6S1Bz33xN; Fri, 9 Aug 2024 10:37:40 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4WgL2p2Lh9z33mK for ; Fri, 9 Aug 2024 10:37:38 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4WgL2n5wbnz2VB; Fri, 9 Aug 2024 10:37:37 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1723199857; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=d8qmMQKdV1X+o8FPlAa5urt9RETMVgils1hyc2o4XTs=; b=ENE1Av7QAUUEM7oT1lQQzRaXkNMS5vXfHaEZfo2zFLl/U4+8lbOXJ/fP8k/brS/8Hnfaz3 Nwj/OaSr31N7dMDw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1723199857; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=d8qmMQKdV1X+o8FPlAa5urt9RETMVgils1hyc2o4XTs=; b=fQJqCRgC5OsI2qHBINNqA/VYZzdcd740uQywOc25atyja5Ezcob2w3M3jJWDJiWUfJzyG9 5MrjlF180kgaDj8gSaLx/l8vZs+WlqHbKCD8yJYex0SjLno75aTqecng541KTd6TttMBtU msCg/1Y2doUAyzxnNRSN4EIgzc7vTcZLXWE8K0N2N8renqRBCZRIbz8aouEZbmnI2zZYya 0qc6/ZmyY9mrrmLi0HQNwyJ9nL7xF4n6dbi8T4H+K6NXtMfhy3+EqnvRzFlP52ewVoi+Dq IRPmBssVayc0zCthPQHv8ICBXeVDWb8FDdnjMA93/H6pBJfkog2PRDsZli449A== From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH 2/2] netatalk: Update to version 3.2.5 Date: Fri, 9 Aug 2024 12:37:34 +0200 Message-ID: <20240809103734.5486-2-adolf.belka@ipfire.org> In-Reply-To: <20240809103734.5486-1-adolf.belka@ipfire.org> References: <20240809103734.5486-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Message-ID-Hash: RBHX36657XE7EOKYSQJXZR4LHK3Y76WU X-Message-ID-Hash: RBHX36657XE7EOKYSQJXZR4LHK3Y76WU X-MailFrom: adolf.belka@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: - Update from version 3.1.2 to 3.2.5 - Update of rootfile - Change to meson build - Bundled libevent was removed in 3.1.13 so configure option no longer needed. - The latest netatalk places the prefix value onto all other directories. No way to change this via the meson options. So sysconfdir and localstatedir would end up being under /usr. Patch created to remove the prefix value at the beginning of sysconfdir and localstatedir so that the locations stay the same as for the previous versions. - The default value for pam.d is in /usr/etc/ but option available to change this. - Large number of CVE fixes in some of the updates - 3.2.1, 3.1.18, 3.1.17, 3.1.16, 3.1.15, 3.1.13, 3.1.12, - Changelog 3.2.5 * BREAKING: meson: Allow choosing shared or static libraries to build, GitHub #1321 In practice, only shared libraries are built by default now. Use the `default_library' option to control what is built. * FIX: meson: Control the MySQL CNID backend, and support MariaDB, GitHub #1341 Introduces a new boolean `with-cnid-mysql-backend' option. * FIX: meson: Implement with-init-dir option, GitHub #1346 * FIX: autotools/meson: Install FreeBSD init script into correct location, GitHub #1345 * FIX: meson: Fix syntax error with libiconv path, GitHub #1279 * FIX: meson: Correct description for with-manual option, GitHub #1282 * FIX: meson: Correct prefix lookup for tracker-control, GitHub #1284 * FIX: meson: default OPEN_NOFOLLOW_ERRNO overwrites platform customization, GitHub #1286 * FIX: meson: Don't make dtags depend on rpath, GitHub #1293 * FIX: meson: Remove duplicate dependency check for posix threads, GitHub #1297 * FIX: meson: Better output when cryptographic UAMs aren't built, GitHub #1302 * FIX: meson: Prioritize tests and run single-threaded to avoid race condition, GitHub #1312 * FIX: meson: Better way to handle rpath executable targets, GitHub #1315 * FIX: meson: Refactor libcrypto check and print better status messages, GitHub #1299 * FIX: meson: Look for libmariadb dependency to appease Fedora, GitHub #1348 * FIX: meson: Declare have_atfuncs globally to avoid failure later, GitHub #1357 * FIX: meson: Do a compiler sanity check before header checks, GitHub #1356 * FIX: Avoid using reserved keyword to build the tests on NetBSD, GitHub #1328 3.2.4 * UPD: autotools: Restore ABI versioning of libatalk, and set it to 18.0.0, GitHub #1261 * UPD: meson: Define long-form soversion as 18.0.0, GitHub #1256 Previously, only `18' was defined. * NEW: meson: Introduce pkgconfdir override option, GitHub #1241 The new option is called `with-pkgconfdir-path' and is analogous to the `with-pkgconfdir' Autotools option. Additionally, the hard-coded "netatalk" path suffix has been removed. * NEW: meson: Introduce `debian' init style option that installs both sysv and systemd, GitHub #1239 * FIX: meson: Add have_atfuncs check, and make dtags dependent on rpath flag, GitHub #1236 * FIX: meson: Correct overwrite install logic for config files, GitHub #1253 * FIX: Fix typo in netatalk_conf.c log message 3.2.3 * UPD: Record note of permission to upgrade CNID code to a later GPL, GitHub #1194 * UPD: Remove long-obsoleted cnid2_create script, GitHub #1203 * UPD: docker: Add option to enable ClearText and Guest UAMs, GitHub #1202 * FIX: docs: Standardize reference entry naming for netatalk-config man page, GitHub #1208 * FIX: meson: Generate afppasswd manual html page, GitHub #1210 * UPD: meson: Remove obsolete 64 bit library check, GitHub #1207 * FIX: meson: Enable rpath for binaries only when with-rpath is enabled, GitHub #1214 * FIX: meson: Require kerberos before enabling krb5 UAM, not just GSSAPI, GitHub #1218 * FIX: meson: Restore linking with 64-bit libdb on Solaris, GitHub #1222 * FIX: meson: Fixing linking when building with the `with-ssl-override' option, GitHub #1227 3.2.2 * UPD: meson: Use external SSL dependency to provide cast header, GitHub #1186 This reintroduces OpenSSL/LibreSSL as a dependency for the DHX UAM, while removing all source files with the SSLeay copyright notice. * UPD: meson: Add option to override system WolfSSL with embedded WolfSSL: `with-ssl-override', GitHub #1176 * UPD: Remove obsolete Red Hat Upstart and SuSE SysV init scripts, GitHub #1163 * FIX: meson: Fix errors in PAM support macro, GitHub #1178 * FIX: meson: Fix perl shebang substitution in cnid2_create script, GitHub #1183 * FIX: meson: Fix operation of D-Bus path macros, GitHub #1182 * FIX: meson: Fix errors in shadow password macro, GitHub #1192 * FIX: autotools: gcc 8.5 expects explicit library flags for libgcrypt, GitHub #1188 * NEW: Create a security policy, GitHub #1166 3.2.1 * FIX: CVE-2024-38439,CVE-2024-38440,CVE-2024-38441: Harden user login, GitHub #1158 * BREAKING: meson: Rework option semantics and feature macros, GitHub #1099 - Consistent syntax of the build options to make them user-friendly - Standardises the syntax of the feature macros - Fixes the logic of the largefile support macro - Disables gssapi support if the Kerberos V UAM is not required - All options are now defined either as `with-*' or `with-*-path' - Please see the Release Notes for a full list of changed options * UPD: meson: Enable building with system WolfSSL library, GitHub #1160 - Build system will attempt to detect that all required headers and symbols are supported - Falls back to the bundled WolfSSL library * FIX: meson: Fix -Doption paths on systems where rpath is enabled by default, GitHub #1053 * FIX: meson: Fix library search macro on OmniOS hosts, GitHub #1056 * FIX: meson: Fix rules for installing scripts, GitHub #1070 - Install afpstats only when Perl is detected - Don't install scripts only used by netatalk developers * FIX: meson: set setuid bit to allow user afppasswd changing, GitHub #1071 * FIX: meson: Fix logic of libiconv detection macro, GitHub #1075 * FIX: meson: Address various issues with the meson build system, GitHub #1082 - Enables quota support on all flavours of linux and BSD, plus macOS - Adds the quota provider to the configuration summary - Adds a user option to disable LDAP support - Sets dependencies according to user configuration - Improves the syntax of the ACL macro * FIX: meson: Further refinements to meson build system, GitHub #1086 - Adds user options to disable cracklib and GSSAPI support - Automates Berkeley DB library detection on macOS * FIX: meson: Fix issues with quota support on linux and macOS, GitHub #1092 - Enables quota support on macOS hosts - Restores missing configuration option for linux hosts - Removes obsolete quota configuration data for linux and macOS hosts * FIX: meson: Set executable flags when installing scripts, GitHub #1117 * UPD: autotools and meson: Use pkg-config to find libgcrypt, GitHub #1132 - This removes dependency on the now-obsolete libgcrypt-config * FIX: Use portable linux macro in etc/afpd header, GitHub #1083 * UPD: Debian Trixie expects systemd scripts in /usr/lib, GitHub #1135 * UPD: Add copyright for mac_roman.h, GitHub #1137 * FIX: Cleanup of copyright headers to make them scanner friendly, GitHub #1142 * FIX: Remove unused atalk/talloc.h header, GitHub #1154 * FIX: docker: Don't bail out when password is longer than 8 chars, GitHub #1067 * UPD: docker: Bump to Alpine 3.20 base image, GitHub #1111 * FIX: docker: Rework AFP user's GROUP and GID settings, GitHub #1116 - GID now requires GROUP to be set, and applies to that group rather than that of the user. * UPD: docs: Indicate license for software package, and add SSLeay notice, GitHub #1125 * FIX: docs: Rephrase tarball section of manual, GitHub #1164 3.2.0 * NEW: BREAKING: Introduce the Meson build system, GitHub #707 GNU Autotools is still supported, but will be removed in a future release. See the newly added INSTALL file. * NEW: BREAKING: Bundle WolfSSL for DHX/RandNum UAM encryption, GitHub #358 This is enabled by default, controlled by option "-Dwith-embedded-ssl" Requires the Meson build system. External OpenSSL 1.1 and LibreSSL are still supported. * NEW: BREAKING: LDAP API bump, OpenLDAP v2.3 or later required, GitHub #762 afp.conf option "ldap server" has been replaced with "ldap uri" and has a new syntax. See the manual for details. * UPD: BREAKING: Remove legacy cdb and tdb CNID backends, GitHub #508 * UPD: BREAKING: Remove Andrew File System (AFS) support, GitHub #554 * UPD: BREAKING: Remove bundled talloc, GitHub #479 For Spotlight support, use the talloc library supplied by your OS, or get the source code from the Samba project and build it yourself. * UPD: BREAKING: Remove generated SPARQL code, GitHub #337 This introduces a compile time dependency on a yacc parser and a lexer to build with Spotlight support. * UPD: BREAKING: Rename macOS launchd plist to io.netatalk.*, GitHub #778 Note: Only the Meson build system will clean up the old plist. * UPD: BREAKING: Renamed Gentoo init script to openrc, GitHub #868 OpenRC is cross platform; confirmed working on Alpine Linux. * NEW: FreeBSD init script, borrowed from FreeBSD ports, GitHub #876 Special thanks to the author, Joe Marcus Clarke. * NEW: OpenBSD init script, GitHub #870 * NEW: Introduce an official Dockerfile and entry script, GitHub #713 * NEW: Option to log to file with second (not us) accuracy, GitHub #580 Enable with afp.conf option: "log microseconds = no" * NEW: Option to add delay to FCE event emission, GitHub #849 Set a ms delay with afp.conf option: "fce sendwait" * NEW: afppasswd: Add -w option to set password from the CLI, GitHub #936 * NEW: docs: Distribute a manual appendix with the GNU GPL v2, GitHub #745 * NEW: docs: Distribute the Japanese localization of the manual, GitHub #806 * NEW: docs: Generate a manual appendix with build instructions, GitHub #791 The appendix is generated from the GitHub CI workflow yaml file. * UPD: docs: Document libraries, init scripts in manual, GitHub #808 * UPD: docs: Remove substituted file system paths from manual, GitHub #514 * FIX: afpd: Prevent theoretical crash in FPSetACL, GitHub #364 * FIX: libatalk: Fix parsing of macOS-created AppleDouble files, GitHub #270 * FIX: libatalk: Restore invalid EA metadata cleanup, GitHub #400 * FIX: quota: Use the NetBSD 6 quota API, GitHub #1028 * FIX: quota: Workaround for rquota.h symbol name on Fedora 40, GitHub #1040 * FIX: uams: Allow linking of the PGP UAM, GitHub #548 * FIX: Shore up error handling and type safety, GitHub #952 * UPD: Rewrite the afpstats script in Perl, GitHub #893 And, improve the formatting of the standard output. Requires the Net::DBus Perl extension. This removes the effective dependency on a Python runtime. * UPD: Make Perl and grep optional requirements, GitHub #886 When either is missing, do not install the optional Perl scripts. * NEW: Build system option "disable-init-hooks", GitHub #796 Will skip init script enablement commands that require elevated privileges on the system. * FIX: Make cracklib macro properly detect dictionary, GitHub #940 * FIX: Build with PAM support on FreeBSD 14, GitHub #560 * FIX: Allow libevent2 linking on OpenIndiana, GitHub #512 * FIX: Control all Spotlight dependencies at compile time, GitHub #571 * UPD: Remove redundant AUTHORS file, GitHub #538 3.1.18 * FIX: CVE-2022-22995: Harden create_appledesktop_folder(), GitHub #480 * FIX: Disable dtrace support on aarch64 FreeBSD hosts, Github #498 * FIX: Correct syntax for libwrap check in tcp-wrappers.m4, GitHub #500 * FIX: Correct syntax for libiconv check in iconv.m4, GitHub #491 * FIX: quota is not supported on macOS, GitHub #492 3.1.17 * FIX: CVE-2023-42464: Validate data type in dalloc_value_for_key(), GitHub #486 * FIX: Declare a variable before using it in a loop, which was throwing off the default compiler on RHEL7, GitHub #481 * UPD: Distribute tarballs with xz compression by default, not gzip, GitHub #478 * UPD: Add AUTHOR sections to all man pages with a reference to CONTRIBUTORS, and standardize headers and footers, GitHub #462 3.1.16 * FIX: libatalk: Fix CVE-2022-23121, CVE-2022-23123 regression - Added guard check before access ad_entry(), GitHub#357 - Allow zero length entry, for AppleDouble specification, GitHub#368 - Remove special handling for COMMENT entries, GitHub#236 - The assertion for invalid entires is still enabled, so please report any future "Invalid metadata EA" errors! * FIX: build system: Fix autoconf warnings and modernize bootstrap and configure.ac, GitHub#331 * FIX: build system: Correct syntax in libevent search macro, summary macro and netatalk executable makefile, GitHub#342 * FIX: build system: Fix native libiconv detection on macOS, GitHub#343 * FIX: build system: Use non-interactive PAM session when available, GitHub#361 * FIX: build system: Fix detection of Berkeley DB installed in multiarch location, GitHub#380 * FIX: build system: Fix support for cross-compilation with mysql_config and dtrace, GitHub#384 * FIX: build system: Support building quota against libtirpc, GitHub#385 * FIX: build system: Fix variable substitution in configure summary, GitHub#443 * UPD: build system: Remove ABI checks and the --enable-developer option, GitHub#262 * FIX: initscript: Improvements to Debian SysV init script - Source init-functions, GitHub#386 - Add a Description and Short-Description, GitHub#428 * FIX: docs: Clarify localstate dir configurability in manual, GitHub#401 * UPD: docs: Make BerkeleyDB 5.3.x the recommended version, GitHub#8 * FIX: docs: Update SourceForge URLs to fix CSS styles and download links * FIX: docs: Remove obsoleted bug reporting sections, GitHub#455 * FIX: Sundry typo fixes in user visible strings and docs, GitHub#381, GitHub#382 * UPD: Rename asip-status.pl as asip-status to make naming implementation-agnostic, GitHub#379 * UPD: Remove redundant uid.c|h files in etc/afpd * UPD: Don't build and distribute deprecated cnid2_create tool, GitHub#412 * UPD: Remove deprecated megatron code and man page, GitHub#456 * UPD: Remove deprecated uniconv code and man page, GitHub#457 * UPD: Improvements to the GitHub CI workflow 3.1.15 * FIX: CVE-2022-43634 * FIX: CVE-2022-45188 * NEW: Support for macOS hosts, Intel and Apple silicon, GitHub#281 * FIX: configure.ac: update deprecated autoconf syntax * UPD: configure.ac: Support linking with system shared libraries Introduces the --with-talloc option * FIX: macros: largefile-check macro for largefile (clang 16) * UPD: macros: Update pthread macro to the latest from gnu.org * FIX: initscripts: Modernize Systemd service file. * FIX: libatalk/conf: include sys/file.h for LOCK_EX * FIX: libatalk: Change log level for realpath() error, SF bug#666 * FIX: libatalk: Change log level for real_name error, SF bug#596 * FIX: libatalk: The my_bool type is deprecated as of MySQL 8.0.1, GitHub#129 * UPD: libatalk: allow afpd to read read-protected afp.conf, SF bug#546 * UPD: libatalk: Make the "valid users" option work in the Homes section, SF bug#449 * UPD: libatalk: Check that FPDisconnectOldSession is successful, SF bug#634 * UPD: libatalk: Bring iniparser library codebase in line with current version 4.1 * FIX: afpd: Provide MNTTYPE_NFS on OmniOS to make quota work, GitHub#117 * FIX: afpd: Avoid triggering realpath() lookups with empty path, GitHub#277 * FIX: spotlight: Spotlight searches can cause afpd to segfault, GitHub#56 * UPD: spotlight: add support for tracker3, SF patch#147 * FIX: macusers: Fix output for long usernames * FIX: macusers: account for usernames with non-word characters * FIX: macusers: Support NetBSD * FIX: Fix all function declarations without a prototype * FIX: Fix C99 compliance issues * FIX: Fix gcc10 compiler warnings * UPD: Remove acsiidocs sources and release notes script * FIX: manpages: afp.conf: Parameters are not quoted, SF bug#617 * FIX: manpages: afp.conf: Document $u in home name, GitHub#123 * FIX: manpages: afp.conf: Document the usage of guest user, GitHub#298 * FIX: Document how the mysql cnid backend is configured, GitHub#69 * FIX: Fix user-visible typos in log output and man pages. * FIX: Fix spelling, syntax, and dead URLs in html manual. * NEW: Create README.md * NEW: Set up GitHub workflow and static analysis with Sonarcloud 3.1.14 * FIX: fix build with libressl >= 2.7.0, GitHub#105 * NEW: Added Ignore Directories Feature * UPD: Generate Unicode source code based on Unicode 14.0, GitHub#114 * FIX: Protect against removing AFP metadata xattr * FIX: avoid setting adouble entries on symlinks * FIX: add handling for cases where ad_entry() returns NULL, GitHub#175 * FIX: Fix setting of LD_LIBRARY_FLAGS ($shlibpath_var). * FIX: afpstats: Fedora migrating away from IO::Socket::INET6, GitHub#130 * FIX: afpd: check return values from setXXid() functions, GitHub#115 * FIX: afpd: drop groups in become_user_permanently(), GitHub#126 * FIX: Fix use after free in get_tm_used() * FIX: Fix sign extension problem in bsd_attr_list() * FIX: Fix garbage read in bsd_attr_list * FIX: make afpstats python 3 compatible * UPD: docs: manual: Remove wrong TCP-over-TCP info; minor copy editing * FIX: configure.ac: fix macro ordering for CentOS 6 * FIX: configure.ac: fix typo * FIX: configure.ac: remove some trailing whitespace * FIX: configure.ac: fix deprecated macro invocation * FIX: configure.ac: replace obsolete macro * FIX: libatalk/dsi/Makefile.am: fix deprecation warning * FIX: Store AutoMake helper script in build-aux/ * FIX: configure.ac: define a dir for macros * FIX: configure.ac: AM_CONFIG_HEADER is deprecated * FIX: autotools: Fix another deprecation warning * FIX: libgcrypt typo in configuration error message * UPD: Various CI improvements * FIX: libatalk/conf: re-generation of afp_voluuid.conf * UPD: libatalk/conf: code cleanup and add locking to get_vol_uuid() * UPD: add documentation for the lv_flags_t * FIX: No need to check for attropen on Solaris, GitHub#44 3.1.13 * FIX: CVE-2021-31439 * FIX: CVE-2022-23121 * FIX: CVE-2022-23123 * FIX: CVE-2022-23122 * FIX: CVE-2022-23125 * FIX: CVE-2022-23124 * FIX: CVE-2022-0194 * FIX: afpd: make a variable declaration a definition * UPD: Remove bundled libevent 3.1.12 * FIX: dhx uams: build with LibreSSL, GitHub#91 * FIX: various spelling errors * FIX: CVE-2018-1160 3.1.11 * NEW: Global option "zeroconf name", FR#99 * NEW: show Zeroconf support by "netatalk -V", FR#100 * UPD: gentoo: Switch openrc init script to openrc-run, GitHub#77 * FIX: log message: name of function doese not match, GitHub#78 * UPD: volume capacity reporting to match Samba behavior, GitHub#83 * FIX: debian: sysv init status command exits with proper exit code, GitHub#84 * FIX: dsi_stream_read: len:0, unexpected EOF, GitHub#82 * UPD: dhx uams: OpenSSL 1.1 support, GitHub#87 3.1.10 * FIX: cannot build when ldap is not defined, bug #630 * FIX: SIGHUP can cause core dump when mdns is enabled, bug #72 * FIX: Solaris: stale pid file puts netatalk into maintenance mode, bug #73 * FIX: dsi_stream_read: len:0, unexpected EOF, bug #633 3.1.9 * FIX: afpd: fix "admin group" option * NEW: afpd: new options "force user" and "force group" * FIX: listening on IPv6 wildcard address may fail if IPv6 is disabled, bug #606 * NEW: LibreSSL support, FR #98 * FIX: cannot build when acl is not defined, bug #574 * UPD: configure option "--with-init-style=" for Gentoo. "gentoo" is renamed to "gentoo-openrc". "gentoo-openrc" is same as "openrc". "gentoo-systemd" is same as "systemd". * NEW: configure option "--with-dbus-daemon=PATH" for Spotlight feature * UPD: use "tracker daemon" command instead of "tracker-control" command if Gnome Tracker is the recent version. * NEW: configure options "--enable-rpath" and "--disable-rpath" which can be used to force setting of RPATH (default on Solaris/NetBSD) or disable it. * NEW: configure option "--with-tracker-install-prefix" allows setting an alternate install prefix for tracker when cross-compiling. * UPD: asip-status.pl: IPv6 support * UPD: asip-status.pl: show GSS-UAM SPNEGO blob * FIX: afpd: don't use network IDs without LDAP, bug #621 * FIX: afpd: reading from file may fail, bug #619 * NEW: AFP clients should not be able to copy or manipulate special extended attributes set by NFS and SMB servers on Solaris, issue #36 * FIX: ad: ad cp may crash, bug #622 * UPD: Update Unicode support to version 9.0.0 3.1.8 * FIX: CNID/MySQL: Quote UUID table names. https://sourceforge.net/p/netatalk/bugs/585/ * FIX: Crash in cnid_metad, bug #593 * UPD: Update Unicode support to version 8.0.0 * FIX: larger server side copyfile buffer for improved IO performance, bug #599 * NEW: afpd: new option "ea = samba". Use Samba vfs_streams_xattr compatible xattrs which means adding a 0 byte at the end of xattrs. * FIX: remove #541 workaround patch. There was this problem with only early Fedora 20. * FIX: rpmbuild fails on Fedora x86_64, bug #598 * FIX: Listen on IPv6 wildcard address by default, bug #602 * FIX: FCE protocol version 1 packets, bug #603 * UPD: Update list of BerkeleyDB versions searched at configure time 3.1.7 * UPD: Spotlight: enhance behaviour for long running queries, client will now show "progress wheel" while waiting for first results. * FIX: netatalk: fix a crash on Solaris when registering with mDNS * FIX: netatalk: SIGHUP would kill the process instead of being resent to the other Netatalk processes, bug #579 * FIX: afpd: Solaris locking problem, bug #559 * FIX: Handling of malformed UTF8 strings, bug #524 * FIX: afpd: umask handling, bug #576 * FIX: Spotlight: Limiting searches to subfolders, bug #581 * FIX: afpd: reloading logging config may result in privilege escalation in afpd processes * FIX: afpd: ACL related error messages, now logged with loglevel debug instead of error * FIX: cnid_metad: fix tsockfd_create() return value on error * FIX: CNID/MySQL: volume table name generation, bug #566. 3.1.6 * FIX: Spotlight: fix for long running queries * UPD: afpd: distribute SIGHUP from parent afpd to children and force reload shares * FIX: netatalk: refresh Zeroconf registration when receiving SIGHUP * NEW: configure option "--with-init-style=debian-systemd" for Debian 8 jessie and later. "--with-init-style=debian" is renamed "--with-init-style=debian-sysv". 3.1.5 * FIX: Spotlight: several important fixes 3.1.4 * FIX: afpd: Hangs in Netatalk which causes it to stop responding to connections, bug #572. * NEW: afpd: new option "force xattr with sticky bit = yes|no" (default: no), FR #94 * UPD: afpd: FCE version 2 with new event types and new config options "fce ignore names" and "fce notify script" * UPD: afpd: check for modified included config file, FR #95. * UPD: libatalk: logger: remove flood protection and allocate messages * UPD: Spotlight: use async Tracker SPARQL API * NEW: afpd: new option "case sensitive = yes|no" (default: yes) In spite of being case sensitive as a matter of fact, netatalk 3.1.3 and earlier did not notify kCaseSensitive flag to the client. Now, it is notified correctly by default, FR #62. 3.1.3 * UPD: Spotlight: more SPARQL query optimisations * UPD: Spotlight: new options "sparql results limit", "spotlight attributes" and "spotlight expr" * FIX: afpd: Unarchiving certain ZIP archives fails, bug #569 * UPD: Update Unicode support to version 7.0.0 * FIX: Memory overflow caused by 'basedir regex', bug #567 * NEW: afpd: delete empty resource forks, from FR #92 * FIX: afpd: fix a crash when accessing ._ AppleDouble files created by OS X via SMB, bug #564 * FIX: afpd and dbd: Converting from AppleDouble v2 to ea may corrupt the resource fork. In some circumstances an offset calculation is wrong resulting in corrupt resource forks after the conversion. Bug #568. * FIX: ad: fix for bug #563 broke ad file utilities, bug #570. * NEW: afpd: new advanced option controlling permissions and ACLs, from FR #93 Signed-off-by: Adolf Belka --- config/rootfiles/packages/netatalk | 28 +++---------------- lfs/netatalk | 28 ++++++++++--------- ...ix_from_sysconfdir_and_localstatedir.patch | 15 ++++++++++ 3 files changed, 34 insertions(+), 37 deletions(-) create mode 100644 src/patches/netatalk-3.2.5_remove_prefix_from_sysconfdir_and_localstatedir.patch diff --git a/config/rootfiles/packages/netatalk b/config/rootfiles/packages/netatalk index 074ae442d..d23b05390 100644 --- a/config/rootfiles/packages/netatalk +++ b/config/rootfiles/packages/netatalk @@ -1,4 +1,5 @@ etc/afp.conf +#etc/dbus-1/system.d/netatalk-dbus.conf etc/dbus-session.conf etc/extmap.conf etc/pam.d/netatalk @@ -8,8 +9,7 @@ usr/bin/afpldaptest usr/bin/afppasswd usr/bin/afpstats usr/bin/apple_dump -usr/bin/asip-status.pl -usr/bin/cnid2_create +usr/bin/asip-status usr/bin/dbd usr/bin/macusers #usr/bin/netatalk-config @@ -19,7 +19,6 @@ usr/bin/macusers #usr/include/atalk/afp.h #usr/include/atalk/bstrlib.h #usr/include/atalk/cnid.h -#usr/include/atalk/compat.h #usr/include/atalk/dictionary.h #usr/include/atalk/ea.h #usr/include/atalk/globals.h @@ -36,8 +35,6 @@ usr/bin/macusers #usr/include/atalk/util.h #usr/include/atalk/vfs.h #usr/include/atalk/volume.h -#usr/lib/libatalk.a -#usr/lib/libatalk.la #usr/lib/libatalk.so usr/lib/libatalk.so.18 usr/lib/libatalk.so.18.0.0 @@ -45,45 +42,28 @@ usr/lib/libatalk.so.18.0.0 #usr/lib/netatalk/uams_clrtxt.so usr/lib/netatalk/uams_dhx.so usr/lib/netatalk/uams_dhx2.so -#usr/lib/netatalk/uams_dhx2_pam.a -#usr/lib/netatalk/uams_dhx2_pam.la usr/lib/netatalk/uams_dhx2_pam.so -#usr/lib/netatalk/uams_dhx2_passwd.a -#usr/lib/netatalk/uams_dhx2_passwd.la usr/lib/netatalk/uams_dhx2_passwd.so -#usr/lib/netatalk/uams_dhx_pam.a -#usr/lib/netatalk/uams_dhx_pam.la usr/lib/netatalk/uams_dhx_pam.so -#usr/lib/netatalk/uams_dhx_passwd.a -#usr/lib/netatalk/uams_dhx_passwd.la usr/lib/netatalk/uams_dhx_passwd.so -#usr/lib/netatalk/uams_guest.a -#usr/lib/netatalk/uams_guest.la +usr/lib/netatalk/uams_gss.so usr/lib/netatalk/uams_guest.so -#usr/lib/netatalk/uams_pam.a -#usr/lib/netatalk/uams_pam.la usr/lib/netatalk/uams_pam.so -#usr/lib/netatalk/uams_passwd.a -#usr/lib/netatalk/uams_passwd.la usr/lib/netatalk/uams_passwd.so -#usr/lib/netatalk/uams_randnum.a -#usr/lib/netatalk/uams_randnum.la usr/lib/netatalk/uams_randnum.so usr/sbin/afpd usr/sbin/cnid_dbd usr/sbin/cnid_metad usr/sbin/netatalk -#usr/share/aclocal/netatalk.m4 #usr/share/man/man1/ad.1 #usr/share/man/man1/afpldaptest.1 #usr/share/man/man1/afppasswd.1 #usr/share/man/man1/afpstats.1 #usr/share/man/man1/apple_dump.1 -#usr/share/man/man1/asip-status.pl.1 +#usr/share/man/man1/asip-status.1 #usr/share/man/man1/dbd.1 #usr/share/man/man1/macusers.1 #usr/share/man/man1/netatalk-config.1 -#usr/share/man/man1/uniconv.1 #usr/share/man/man5/afp.conf.5 #usr/share/man/man5/afp_signature.conf.5 #usr/share/man/man5/afp_voluuid.conf.5 diff --git a/lfs/netatalk b/lfs/netatalk index 5875fb1b2..57f6bcaf9 100644 --- a/lfs/netatalk +++ b/lfs/netatalk @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2023 IPFire Team # +# Copyright (C) 2007-2024 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -26,15 +26,15 @@ include Config SUMMARY = AppleShare file server -VER = 3.1.12 +VER = 3.2.5 THISAPP = netatalk-$(VER) -DL_FILE = $(THISAPP).tar.gz +DL_FILE = $(THISAPP).tar.xz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = netatalk -PAK_VER = 8 +PAK_VER = 9 DEPS = avahi dbus @@ -50,7 +50,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 912bb85045952202becc42899f87ada33427ded987de6c7a6b56c061c1eb6d1a96d95a1700522bfe2119c6db8bbec94eeb4c64c480f59ff7d406542390705efc +$(DL_FILE)_BLAKE2 = 017c8390f4d6e7f81fcc9ddde459af48a47acd9e3fdf3b230887d36ebf96518a96e3483ac063ee734b20e9bca39c7cc2c9c1720265fb05d49358447bedc2976d install : $(TARGET) @@ -82,15 +82,17 @@ $(subst %,%_BLAKE2,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) - @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) $(UPDATE_AUTOMAKE) - cd $(DIR_APP) && ./configure \ - --prefix=/usr \ - --sysconfdir=/etc \ - --localstatedir=/var/state \ - --without-libevent - cd $(DIR_APP) && make $(MAKETUNING) - cd $(DIR_APP) && make install + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/netatalk-3.2.5_remove_prefix_from_sysconfdir_and_localstatedir.patch + cd $(DIR_APP) && meson setup \ + --prefix=/usr \ + --sysconfdir=/etc \ + --localstatedir=/var/state \ + -Dwith-pam-config-path=/etc/pam.d \ + builddir/ + cd $(DIR_APP) && ninja -C builddir/ $(MAKETUNING) + cd $(DIR_APP) && ninja -C builddir/ install # Backup install -v -m 644 $(DIR_SRC)/config/backup/includes/netatalk \ diff --git a/src/patches/netatalk-3.2.5_remove_prefix_from_sysconfdir_and_localstatedir.patch b/src/patches/netatalk-3.2.5_remove_prefix_from_sysconfdir_and_localstatedir.patch new file mode 100644 index 000000000..51ce3d648 --- /dev/null +++ b/src/patches/netatalk-3.2.5_remove_prefix_from_sysconfdir_and_localstatedir.patch @@ -0,0 +1,15 @@ +--- netatalk-3.2.5/meson.build.orig 2024-08-01 12:16:47.000000000 +0200 ++++ netatalk-3.2.5/meson.build 2024-08-08 16:07:31.337732788 +0200 +@@ -39,10 +39,10 @@ + datadir = prefix / get_option('datadir') + includedir = prefix / get_option('includedir') + libdir = prefix / get_option('libdir') +-localstatedir = prefix / get_option('localstatedir') ++localstatedir = get_option('localstatedir') + mandir = prefix / get_option('mandir') + sbindir = prefix / get_option('sbindir') +-sysconfdir = prefix / get_option('sysconfdir') ++sysconfdir = get_option('sysconfdir') + + pkgconfdir = get_option('with-pkgconfdir-path') + if pkgconfdir == ''