From b1d0361b14dde58a6123197436d332df0e3dcae6 Mon Sep 17 00:00:00 2001
From: Michael Marineau <michael.marineau@coreos.com>
Date: Wed, 12 Feb 2014 17:28:51 -0800
Subject: [PATCH] add(net-analyzer/nmap): Add ncat to production builds.

Nmap itself is excluded, just want the basic network tools.
ncat is a netcat implementation with support for fun things like SSL.
In the future we could add nping but since we already include iputils
that is not quite as important as ncat.

The nmap ebuild includes a compile fix posted here:
https://bugs.gentoo.org/show_bug.cgi?id=501136
---
 ...1-r217.ebuild => coreos-0.0.1-r218.ebuild} |   0
 .../coreos-base/coreos/coreos-0.0.1.ebuild    |   3 +-
 .../coreos-overlay/net-analyzer/nmap/Manifest |   2 +
 .../nmap/files/nmap-4.75-nolua.patch          |  10 ++
 .../nmap/files/nmap-5.10_beta1-string.patch   |  11 ++
 .../nmap/files/nmap-5.21-python.patch         |  21 +++
 .../nmap/files/nmap-6.01-make.patch           |  20 +++
 .../nmap/files/nmap-6.25-liblua-ar.patch      |  20 +++
 .../nmap/files/nmap-6.40-ncat-no-lua.patch    |  13 ++
 .../nmap/files/nmap-6.40-uninstaller.patch    |  18 +++
 .../net-analyzer/nmap/nmap-6.40-r1.ebuild     | 141 ++++++++++++++++++
 .../coreos/base/package.accept_keywords       |   3 +
 .../profiles/coreos/base/package.unmask       |   2 +
 .../profiles/coreos/base/package.use          |   2 +
 .../coreos/targets/generic/make.defaults      |   8 +
 15 files changed, 273 insertions(+), 1 deletion(-)
 rename sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/{coreos-0.0.1-r217.ebuild => coreos-0.0.1-r218.ebuild} (100%)
 create mode 100644 sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/Manifest
 create mode 100644 sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-4.75-nolua.patch
 create mode 100644 sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-5.10_beta1-string.patch
 create mode 100644 sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-5.21-python.patch
 create mode 100644 sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-6.01-make.patch
 create mode 100644 sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-6.25-liblua-ar.patch
 create mode 100644 sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-6.40-ncat-no-lua.patch
 create mode 100644 sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-6.40-uninstaller.patch
 create mode 100644 sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/nmap-6.40-r1.ebuild
 create mode 100644 sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.unmask

diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1-r217.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1-r218.ebuild
similarity index 100%
rename from sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1-r217.ebuild
rename to sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1-r218.ebuild
diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1.ebuild
index d63587f993..525d57ed97 100644
--- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1.ebuild
@@ -108,8 +108,9 @@ RDEPEND="${RDEPEND}
 	coreos-base/coreos-installer
 	coreos-base/coreos-init
 	coreos-base/coretest
-	net-misc/dhcpcd
+	net-analyzer/nmap
 	net-firewall/iptables
+	net-misc/dhcpcd
 	net-misc/rsync
 	net-misc/tlsdate
 	net-misc/wget
diff --git a/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/Manifest b/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/Manifest
new file mode 100644
index 0000000000..dc92020178
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/Manifest
@@ -0,0 +1,2 @@
+DIST nmap-6.40.tar.bz2 7871636 SHA256 491f77d8b3fb3bb38ba4e3850011fe6fb43bbe197f9382b88cb59fa4e8f7a401 SHA512 b0ccb7634838e814dc0e36a0dbfc8c74853ef9dc6a119b73ffc90caab8875cbae893e0d24371ea568f9fff969440ed2a2e89953a6dbb6eb26313a4ea25b02b3b WHIRLPOOL 18424b67a8ace959c129e00e4b0d8a8e893aa08cfabb1b47b4fe9fc4316c29f713a2f83b789db28b4158c18bf80aea0bee071751187c0eb7e1a4b6693c3f4f98
+DIST nmap-logo-64.png 3289 SHA256 4c72ff1eeffeeaa1039b251d9f2d675936e65db686fe3b57a35c2183ce67a8aa SHA512 fb102d12aaeebc8a97543ecd653a3606e86996ad679bc26d6e6e274ad05ec3e9f92521289d1a24153c521b699e8c0cfa65d8856bb49af53ee4837268bbc6b5d3 WHIRLPOOL 6093aadcb9880587e17d39d45fcbe57bb62777f220655e6ed5b5f900ce49cb8c5a53e24d7db0de6f8909eb0f8981f7565e6ae9b9bf9283a4ccccb0526eab5313
diff --git a/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-4.75-nolua.patch b/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-4.75-nolua.patch
new file mode 100644
index 0000000000..30bb1e0c86
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-4.75-nolua.patch
@@ -0,0 +1,10 @@
+diff -Naur nmap-4.75-orig/Makefile.in nmap-4.75/Makefile.in
+--- nmap-4.75-orig/Makefile.in	2008-09-05 07:32:06.000000000 +0200
++++ nmap-4.75/Makefile.in	2008-09-09 16:34:38.000000000 +0200
+@@ -258,5 +258,5 @@
+ 	./config.status --recheck
+ 
+ makefile.dep:
+-	$(CXX) -MM $(CPPFLAGS) $(SRCS) > $@
++	$(CXX) -MM $(CPPFLAGS) $(CXXFLAGS) $(SRCS) > $@
+ include makefile.dep
diff --git a/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-5.10_beta1-string.patch b/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-5.10_beta1-string.patch
new file mode 100644
index 0000000000..df29db3782
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-5.10_beta1-string.patch
@@ -0,0 +1,11 @@
+--- nmap-5.10BETA1/Target.h.org	2009-12-08 08:21:59.000000000 +0100
++++ nmap-5.10BETA1/Target.h	2009-12-08 08:22:02.000000000 +0100
+@@ -99,6 +99,8 @@
+ 
+ #ifndef NOLUA
+ #include "nse_main.h"
++#else
++#include <string>
+ #endif
+ 
+ #include "portreasons.h"
diff --git a/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-5.21-python.patch b/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-5.21-python.patch
new file mode 100644
index 0000000000..aa0d4f9db9
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-5.21-python.patch
@@ -0,0 +1,21 @@
+diff -Naurp nmap-5.21-orig/Makefile.in nmap-5.21/Makefile.in
+--- nmap-5.21-orig/Makefile.in	2010-01-31 09:53:53.000000000 +0100
++++ nmap-5.21/Makefile.in	2010-01-31 09:54:48.000000000 +0100
+@@ -253,7 +253,7 @@ build-zenmap: $(ZENMAPDIR)/setup.py $(ZE
+ 
+ install-zenmap: $(ZENMAPDIR)/setup.py
+ 	$(INSTALL) -d $(DESTDIR)$(bindir) $(DESTDIR)$(mandir)/man1
+-	cd $(ZENMAPDIR) && $(PYTHON) setup.py --quiet install --prefix "$(prefix)" --force $(if $(DESTDIR),--root "$(DESTDIR)")
++	cd $(ZENMAPDIR) && $(PYTHON) setup.py --quiet install --prefix "$(prefix)" --force $(if $(DESTDIR),--root "$(DESTDIR)") --no-compile
+ 	$(INSTALL) -c -m 644 docs/zenmap.1 $(DESTDIR)$(mandir)/man1/
+ # Create a symlink from nmapfe to zenmap if nmapfe doesn't exist or is
+ # already a link.
+@@ -267,7 +267,7 @@ build-ndiff:
+ 	cd $(NDIFFDIR) && $(PYTHON) setup.py build $(if $(DESTDIR),--executable "$(DEFAULT_PYTHON_PATH)")
+ 
+ install-ndiff:
+-	cd $(NDIFFDIR) && $(PYTHON) setup.py install --prefix "$(prefix)" $(if $(DESTDIR),--root "$(DESTDIR)")
++	cd $(NDIFFDIR) && $(PYTHON) setup.py install --prefix "$(prefix)" $(if $(DESTDIR),--root "$(DESTDIR)") --no-compile
+ 
+ NSE_FILES = scripts/script.db scripts/*.nse
+ NSE_LIB_LUA_FILES = nselib/*.lua
diff --git a/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-6.01-make.patch b/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-6.01-make.patch
new file mode 100644
index 0000000000..2711b3168b
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-6.01-make.patch
@@ -0,0 +1,20 @@
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -119,6 +119,8 @@
+ 	rm -f $@
+ 	$(CXX) $(LDFLAGS) -o $@ $(OBJS) $(LIBS)
+ 
++$(NBASEDIR)/libnbase.a: nbase_build
++
+ build-%: %/Makefile
+ 	cd $* && $(MAKE)
+ 
+@@ -152,7 +154,7 @@
+ liblinear_build: $(LIBLINEARDIR)/Makefile
+ 	@echo Compiling liblinear; cd $(LIBLINEARDIR) && $(MAKE) liblinear.a CC="$(CC)" CXX="$(CXX)" CFLAGS="$(CFLAGS)"
+ 
+-build-nmap-update: nmap-update/default_channel.h
++build-nmap-update: nbase_build nmap-update/default_channel.h
+ 
+ #$(LIBPCAPDIR)/Makefile:
+ #	@echo Configuring libpcap; cd $(LIBPCAPDIR); ./configure
diff --git a/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-6.25-liblua-ar.patch b/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-6.25-liblua-ar.patch
new file mode 100644
index 0000000000..5aa9fa7f63
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-6.25-liblua-ar.patch
@@ -0,0 +1,20 @@
+--- a/liblua/Makefile
++++ b/liblua/Makefile
+@@ -11,7 +11,7 @@
+ LDFLAGS= $(SYSLDFLAGS) $(MYLDFLAGS)
+ LIBS= -lm $(SYSLIBS) $(MYLIBS)
+ 
+-AR= ar rcu
++AR= ar
+ RANLIB= ranlib
+ RM= rm -f
+ 
+@@ -56,7 +56,7 @@
+ a:	$(ALL_A)
+ 
+ $(LUA_A): $(BASE_O)
+-	$(AR) $@ $(BASE_O)
++	$(AR) rcu $@ $(BASE_O)
+ 	$(RANLIB) $@
+ 
+ $(LUA_T): $(LUA_O) $(LUA_A)
diff --git a/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-6.40-ncat-no-lua.patch b/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-6.40-ncat-no-lua.patch
new file mode 100644
index 0000000000..2be19a83a0
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-6.40-ncat-no-lua.patch
@@ -0,0 +1,13 @@
+--- nmap-6.40/ncat/ncat_posix.c.orig	2014-02-12 17:09:12.970777567 -0800
++++ nmap-6.40/ncat/ncat_posix.c	2014-02-12 17:10:06.135387292 -0800
+@@ -122,7 +122,10 @@
+ /* $Id$ */
+ 
+ #include "ncat.h"
++
++#ifdef HAVE_LUA
+ #include "ncat_lua.h"
++#endif
+ 
+ char **cmdline_split(const char *cmdexec);
+ 
diff --git a/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-6.40-uninstaller.patch b/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-6.40-uninstaller.patch
new file mode 100644
index 0000000000..10bc67b14a
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/files/nmap-6.40-uninstaller.patch
@@ -0,0 +1,18 @@
+--- a/zenmap/setup.py
++++ b/zenmap/setup.py
+@@ -238,7 +238,6 @@
+         self.set_perms()
+         self.set_modules_path()
+         self.fix_paths()
+-        self.create_uninstaller()
+         self.write_installed_files()
+ 
+     def get_installed_files(self):
+@@ -255,7 +254,6 @@
+         for dirpath, dirs, files in os.walk(os.path.join(self.install_data, data_dir)):
+             for dir in dirs:
+                 installed_files.append(os.path.join(dirpath, dir))
+-        installed_files.append(os.path.join(self.install_scripts, "uninstall_" + APP_NAME))
+         return installed_files
+ 
+     def create_uninstaller(self):
diff --git a/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/nmap-6.40-r1.ebuild b/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/nmap-6.40-r1.ebuild
new file mode 100644
index 0000000000..88f9013905
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/net-analyzer/nmap/nmap-6.40-r1.ebuild
@@ -0,0 +1,141 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/nmap/nmap-6.40-r1.ebuild,v 1.3 2013/12/01 20:36:20 zerochaos Exp $
+
+EAPI=5
+
+PYTHON_COMPAT=( python2_{6,7} )
+PYTHON_REQ_USE="sqlite"
+inherit eutils flag-o-matic python-single-r1 toolchain-funcs
+
+MY_P=${P/_beta/BETA}
+
+DESCRIPTION="A utility for network exploration or security auditing"
+HOMEPAGE="http://nmap.org/"
+SRC_URI="
+	http://nmap.org/dist/${MY_P}.tar.bz2
+	http://dev.gentoo.org/~jer/nmap-logo-64.png
+"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~x86-solaris"
+
+IUSE="ipv6 +lua ncat ndiff nls nmap-update nping ssl zenmap"
+NMAP_LINGUAS=( de es fr hr hu id it ja pl pt_BR pt_PT ro ru sk zh )
+IUSE+=" ${NMAP_LINGUAS[@]/#/linguas_}"
+
+NMAP_PYTHON_DEPEND="
+	|| ( ${PYTHON_DEPS} )
+"
+RDEPEND="
+	dev-libs/libpcre
+	net-libs/libpcap[ipv6?]
+	zenmap? (
+		dev-python/pygtk:2
+		${NMAP_PYTHON_DEPEND}
+	)
+	lua? ( >=dev-lang/lua-5.2[deprecated] )
+	ndiff? ( ${NMAP_PYTHON_DEPEND} )
+	nls? ( virtual/libintl )
+	nmap-update? ( dev-libs/apr dev-vcs/subversion )
+	ssl? ( dev-libs/openssl )
+"
+DEPEND="
+	${RDEPEND}
+	nls? ( sys-devel/gettext )
+"
+
+S="${WORKDIR}/${MY_P}"
+
+src_unpack() {
+	# prevent unpacking the logo
+	unpack ${MY_P}.tar.bz2
+}
+
+src_prepare() {
+	epatch \
+		"${FILESDIR}"/${PN}-4.75-nolua.patch \
+		"${FILESDIR}"/${PN}-5.10_beta1-string.patch \
+		"${FILESDIR}"/${PN}-5.21-python.patch \
+		"${FILESDIR}"/${PN}-6.01-make.patch \
+		"${FILESDIR}"/${PN}-6.25-liblua-ar.patch \
+		"${FILESDIR}"/${P}-ncat-no-lua.patch \
+		"${FILESDIR}"/${P}-uninstaller.patch
+
+	sed -i \
+		-e 's/-m 755 -s ncat/-m 755 ncat/' \
+		ncat/Makefile.in || die
+
+	if use nls; then
+		local lingua=''
+		for lingua in ${NMAP_LINGUAS}; do
+			if ! use linguas_${lingua}; then
+				rm -rf zenmap/share/zenmap/locale/${lingua}
+				rm -f zenmap/share/zenmap/locale/${lingua}.po
+			fi
+		done
+	else
+		# configure/make ignores --disable-nls
+		for lingua in ${NMAP_LINGUAS}; do
+			rm -rf zenmap/share/zenmap/locale/${lingua}
+			rm -f zenmap/share/zenmap/locale/${lingua}.po
+		done
+	fi
+
+	sed -i \
+		-e '/^ALL_LINGUAS =/{s|$| id|g;s|jp|ja|g}' \
+		Makefile.in || die
+
+	# Fix desktop files wrt bug #432714
+	sed -i \
+		-e '/^Encoding/d' \
+		-e 's|^Categories=.*|Categories=Network;System;Security;|g' \
+		zenmap/install_scripts/unix/zenmap-root.desktop \
+		zenmap/install_scripts/unix/zenmap.desktop || die
+
+	epatch_user
+}
+
+src_configure() {
+	# The bundled libdnet is incompatible with the version available in the
+	# tree, so we cannot use the system library here.
+	econf \
+		$(use_enable ipv6) \
+		$(use_enable nls) \
+		$(use_with zenmap) \
+		$(usex lua --with-liblua=/usr --without-liblua) \
+		$(use_with ncat) \
+		$(use_with ndiff) \
+		$(use_with nmap-update) \
+		$(use_with nping) \
+		$(use_with ssl openssl) \
+		--with-libdnet=included \
+		--with-pcre=/usr
+}
+
+src_compile() {
+	emake \
+		AR=$(tc-getAR) \
+		RANLIB=$(tc-getRANLIB )
+}
+
+src_install() {
+	LC_ALL=C emake -j1 \
+		DESTDIR="${D}" \
+		STRIP=: \
+		nmapdatadir="${EPREFIX}"/usr/share/nmap \
+		install
+	if use nmap-update;then
+		LC_ALL=C emake -j1 \
+			-C nmap-update \
+			DESTDIR="${D}" \
+			STRIP=: \
+			nmapdatadir="${EPREFIX}"/usr/share/nmap \
+			install
+	fi
+
+	dodoc CHANGELOG HACKING docs/README docs/*.txt
+
+	use zenmap && doicon "${DISTDIR}/nmap-logo-64.png"
+}
diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords
index 74590dfb0e..98a3216c36 100644
--- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords
+++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords
@@ -88,3 +88,6 @@
 
 # no version marked stable upstream
 dev-util/checkbashisms
+
+# masked upstream due to lua dep, but we don't enable lua support
+=net-analyzer/nmap-6.40-r1
diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.unmask b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.unmask
new file mode 100644
index 0000000000..b4ca8272c7
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.unmask
@@ -0,0 +1,2 @@
+# masked upstream due to lua dep, but we don't enable lua support
+~net-analyzer/nmap-6.40
diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use
index b0c80d308f..85242b6b56 100644
--- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use
+++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use
@@ -73,3 +73,5 @@ sys-libs/gdbm berkdb
 sys-libs/zlib static-libs
 
 dev-vcs/git -perl -iconv
+
+net-analyzer/nmap ncat -lua
diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/make.defaults b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/make.defaults
index 2f1fb8758c..b0734a30e1 100644
--- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/make.defaults
+++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/make.defaults
@@ -37,5 +37,13 @@ PROD_INSTALL_MASK="${INSTALL_MASK}
   /usr/src
 "
 
+# Exclude nmap from prod image, we just want ncat/nping in there
+# Also remove ncat's second ca-bundle.crt, just use the system's
+PROD_INSTALL_MASK="${PROD_INSTALL_MASK}
+  /usr/bin/nmap
+  /usr/share/ncat
+  /usr/share/nmap
+"
+
 # No suffix for 'generic' (use base, not base-usr)
 COREOS_DISK_LAYOUT_SUFFIX=""