* [PATCH libnetfilter_log] autoconf: don't curl build script
@ 2025-03-09 10:55 Florian Westphal
2025-03-10 1:49 ` Duncan Roe
2025-03-10 20:19 ` Pablo Neira Ayuso
0 siblings, 2 replies; 5+ messages in thread
From: Florian Westphal @ 2025-03-09 10:55 UTC (permalink / raw)
To: netfilter-devel; +Cc: Florian Westphal
This is a bad idea; cloning repo followed by "./autogen.sh" brings
repository into a changed state.
Partial revert of 74576db959cb
("build: doc: `make` generates requested documentation")
Signed-off-by: Florian Westphal <fw@strlen.de>
---
autogen.sh | 8 --------
1 file changed, 8 deletions(-)
diff --git a/autogen.sh b/autogen.sh
index 93e2a23135d4..5e1344a85402 100755
--- a/autogen.sh
+++ b/autogen.sh
@@ -1,12 +1,4 @@
#!/bin/sh -e
-BUILD_MAN=doxygen/build_man.sh
-
-# Allow to override build_man.sh url for local testing
-# E.g. export NFQ_URL=file:///usr/src/libnetfilter_queue
-curl ${NFQ_URL:-https://git.netfilter.org/libnetfilter_queue/plain}/$BUILD_MAN\
- -o$BUILD_MAN
-chmod a+x $BUILD_MAN
-
autoreconf -fi
rm -Rf autom4te.cache
--
2.48.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH libnetfilter_log] autoconf: don't curl build script
2025-03-09 10:55 [PATCH libnetfilter_log] autoconf: don't curl build script Florian Westphal
@ 2025-03-10 1:49 ` Duncan Roe
2025-03-10 8:34 ` Florian Westphal
2025-03-10 20:19 ` Pablo Neira Ayuso
1 sibling, 1 reply; 5+ messages in thread
From: Duncan Roe @ 2025-03-10 1:49 UTC (permalink / raw)
To: Florian Westphal; +Cc: Netfilter Development, Pablo Neira Ayuso
Hi Florian,
On Sun, Mar 09, 2025 at 11:55:19AM +0100, Florian Westphal wrote:
> This is a bad idea; cloning repo followed by "./autogen.sh" brings
> repository into a changed state.
>
> Partial revert of 74576db959cb
> ("build: doc: `make` generates requested documentation")
>
> Signed-off-by: Florian Westphal <fw@strlen.de>
> ---
> autogen.sh | 8 --------
> 1 file changed, 8 deletions(-)
>
> diff --git a/autogen.sh b/autogen.sh
> index 93e2a23135d4..5e1344a85402 100755
> --- a/autogen.sh
> +++ b/autogen.sh
> @@ -1,12 +1,4 @@
> #!/bin/sh -e
>
> -BUILD_MAN=doxygen/build_man.sh
> -
> -# Allow to override build_man.sh url for local testing
> -# E.g. export NFQ_URL=file:///usr/src/libnetfilter_queue
> -curl ${NFQ_URL:-https://git.netfilter.org/libnetfilter_queue/plain}/$BUILD_MAN\
> - -o$BUILD_MAN
> -chmod a+x $BUILD_MAN
> -
> autoreconf -fi
> rm -Rf autom4te.cache
> --
> 2.48.1
>
>
| This is a bad idea; cloning repo followed by "./autogen.sh" brings
| repository into a changed state.
Agree with the above, except IMHO the "bad idea" is to have a frozen version of
build_man.sh in the repository at all.
Pablo did that - I didn't like to quibble at the time but I thought no good
would come of it.
I've sent in an alternative patch to remove build_man.sh from the repo and add
it to .gitignore.
With this patch git clone followed by "./autogen.sh" behaves as it should.
Cheers ... Duncan.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH libnetfilter_log] autoconf: don't curl build script
2025-03-10 1:49 ` Duncan Roe
@ 2025-03-10 8:34 ` Florian Westphal
2025-03-10 10:13 ` Duncan Roe
0 siblings, 1 reply; 5+ messages in thread
From: Florian Westphal @ 2025-03-10 8:34 UTC (permalink / raw)
To: Florian Westphal, Netfilter Development, Pablo Neira Ayuso
Duncan Roe <duncan_roe@optusnet.com.au> wrote:
> | This is a bad idea; cloning repo followed by "./autogen.sh" brings
> | repository into a changed state.
>
> Agree with the above, except IMHO the "bad idea" is to have a frozen version of
> build_man.sh in the repository at all.
I absolutely hate the idea of fetching stuff at build time.
And in this case, we fetch an exectuable shell script from
untrusted location.
It has backdoor written all over it.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH libnetfilter_log] autoconf: don't curl build script
2025-03-10 8:34 ` Florian Westphal
@ 2025-03-10 10:13 ` Duncan Roe
0 siblings, 0 replies; 5+ messages in thread
From: Duncan Roe @ 2025-03-10 10:13 UTC (permalink / raw)
To: Florian Westphal; +Cc: Netfilter Development
On Mon, Mar 10, 2025 at 09:34:46AM +0100, Florian Westphal wrote:
>
> I absolutely hate the idea of fetching stuff at build time.
> And in this case, we fetch an exectuable shell script from
> untrusted location.
>
Ok in future I'll send build_man patches to libnetfilter_log once they're
applied to libnetfilter_queue.
Have just found an error in the latest update :( so will wait for the fix
to be accepted.
Cheers ... Duncan.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH libnetfilter_log] autoconf: don't curl build script
2025-03-09 10:55 [PATCH libnetfilter_log] autoconf: don't curl build script Florian Westphal
2025-03-10 1:49 ` Duncan Roe
@ 2025-03-10 20:19 ` Pablo Neira Ayuso
1 sibling, 0 replies; 5+ messages in thread
From: Pablo Neira Ayuso @ 2025-03-10 20:19 UTC (permalink / raw)
To: Florian Westphal; +Cc: netfilter-devel
On Sun, Mar 09, 2025 at 11:55:19AM +0100, Florian Westphal wrote:
> This is a bad idea; cloning repo followed by "./autogen.sh" brings
> repository into a changed state.
>
> Partial revert of 74576db959cb
> ("build: doc: `make` generates requested documentation")
Please, apply this. Thanks.
> Signed-off-by: Florian Westphal <fw@strlen.de>
> ---
> autogen.sh | 8 --------
> 1 file changed, 8 deletions(-)
>
> diff --git a/autogen.sh b/autogen.sh
> index 93e2a23135d4..5e1344a85402 100755
> --- a/autogen.sh
> +++ b/autogen.sh
> @@ -1,12 +1,4 @@
> #!/bin/sh -e
>
> -BUILD_MAN=doxygen/build_man.sh
> -
> -# Allow to override build_man.sh url for local testing
> -# E.g. export NFQ_URL=file:///usr/src/libnetfilter_queue
> -curl ${NFQ_URL:-https://git.netfilter.org/libnetfilter_queue/plain}/$BUILD_MAN\
> - -o$BUILD_MAN
> -chmod a+x $BUILD_MAN
> -
> autoreconf -fi
> rm -Rf autom4te.cache
> --
> 2.48.1
>
>
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2025-03-10 20:19 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-03-09 10:55 [PATCH libnetfilter_log] autoconf: don't curl build script Florian Westphal
2025-03-10 1:49 ` Duncan Roe
2025-03-10 8:34 ` Florian Westphal
2025-03-10 10:13 ` Duncan Roe
2025-03-10 20:19 ` Pablo Neira Ayuso
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.