No patch provided, because I think this will be fixed by 261523 This PR exists as a placeholder.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=ffa6993a15138fb02145d8e523d2f71adc2930a5 commit ffa6993a15138fb02145d8e523d2f71adc2930a5 Author: Joe Marcus Clarke <marcus@FreeBSD.org> AuthorDate: 2022-09-27 17:37:31 +0000 Commit: Joe Marcus Clarke <marcus@FreeBSD.org> CommitDate: 2022-09-27 17:37:31 +0000 net/netatalk3: Add a slew of upstream patches. These are primarily focused on clearing out the remaining CVE fix fallout. They handle the cases where ad_entries can be NULL, don't remove metadata, and don't allow adouble for symlinks. PR: 263123 net/netatalk3/Makefile | 2 +- net/netatalk3/files/patch-configure | 6 +- .../files/patch-etc_afpd_directory.c (new) | 53 +++++ net/netatalk3/files/patch-etc_afpd_file.c (new) | 127 +++++++++++ net/netatalk3/files/patch-etc_afpd_volume.c | 37 ++-- .../patch-etc_cnid__dbd_cmd__dbd__scanvol.c (new) | 25 +++ .../files/patch-libatalk_adouble_ad__attr.c (new) | 234 +++++++++++++++++++++ .../files/patch-libatalk_adouble_ad__conv.c (new) | 27 +++ .../files/patch-libatalk_adouble_ad__date.c (new) | 48 +++++ .../files/patch-libatalk_adouble_ad__flush.c (new) | 68 ++++++ .../files/patch-libatalk_adouble_ad__open.c | 167 ++++++++------- 11 files changed, 696 insertions(+), 98 deletions(-)
Note that depending on bdb 18+ will change the licensing to add AGPLv3. See also bug 261523, comment 24 (and bug 261523, comment 2). At a glance, it looks like netatalk3 could use tdb instead?
FYI, just last night I modified my local repo to go from bdb:5+ to bdb:18 - it built and I'm running a backup now.
(In reply to Dan Langille from comment #3) Since the newer bdb is working for you, submit a patch. If it's using a bdb that is now licensed with AGPLv3 (as bdb:18+ is), this will require that the netatalk3 port add the AGPLv3 license. Using tdb as the CNID (catalog node id) backend would avoid that, but according to the configuration documentation [[1]], "Only ever use [tdb] for volumes that are not shared and accessed by multiple clients at once !" [[1]] https://netatalk.sourceforge.io/3.0/htmldocs/configuration.html I would probably just update this port to use the newer AGPLv3 infected BDB. If someone is negatively affected by that, they can update netatalk to use a different db (possibly as an option instead of BDB) like other projects have gradually been doing to move away from BDB. Building '--with-bdb=no --with-cnid-dbd-backend=no' could be made an option, too (with appropriate plist adjustments - no bin/ad, bin/cnid2_create, bin/dbd, sbin/cnid_dbd, sbin/cnid_metad). I don't know how crucial those are for all netatalk consumers. If they aren't crucial, then an option to exclude BDB seems reasonable.
Created attachment 239340 [details] the patch I used to build with db18 - does not bump PORTVERSION
(In reply to Dan Langille from comment #5) This patch is missing: * PORTVERSION bump * License changes I didn't have time to do that before uploading.