summary refs log tree commit diff
path: root/gnu
diff options
context:
space:
mode:
authorDanny Milosavljevic <dannym@scratchpost.org>2017-07-10 00:05:21 +0200
committerDanny Milosavljevic <dannym@scratchpost.org>2017-07-10 18:20:16 +0200
commit5c549f2eacae292b2349726d2f8f1de2d676cbd1 (patch)
tree5721a79229d963f15e3652dcfb597caeb8846f09 /gnu
parent9146543f8dce997c194aea93bf4c7a7a4144c8c9 (diff)
downloadguix-5c549f2eacae292b2349726d2f8f1de2d676cbd1.tar.gz
gnu: ghostscript: Make "/ID" optional, depending on environment variable.
* gnu/packages/patches/ghostscript-no-header-id.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it
* gnu/packages/ghostscript.scm (ghostscript): Use it.
Diffstat (limited to 'gnu')
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/ghostscript.scm9
-rw-r--r--gnu/packages/patches/ghostscript-no-header-id.patch57
3 files changed, 65 insertions, 2 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 0fe6cdc391..8cbded44ee 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -619,6 +619,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/gettext-gnulib-multi-core.patch          \
   %D%/packages/patches/ghc-dont-pass-linker-flags-via-response-files.patch	\
   %D%/packages/patches/ghostscript-CVE-2017-8291.patch		\
+  %D%/packages/patches/ghostscript-no-header-id.patch		\
   %D%/packages/patches/ghostscript-runpath.patch		\
   %D%/packages/patches/glib-networking-ssl-cert-file.patch	\
   %D%/packages/patches/glib-tests-timer.patch			\
diff --git a/gnu/packages/ghostscript.scm b/gnu/packages/ghostscript.scm
index b9ba1c081a..af565f3e3a 100644
--- a/gnu/packages/ghostscript.scm
+++ b/gnu/packages/ghostscript.scm
@@ -143,7 +143,8 @@ printing, and psresize, for adjusting page sizes.")
          (base32
           "0lyhjcrkmd5fcmh8h56bs4xr9k4jasmikv5vsix1hd4ai0ad1q9b"))
         (patches (search-patches "ghostscript-runpath.patch"
-                                 "ghostscript-CVE-2017-8291.patch"))
+                                 "ghostscript-CVE-2017-8291.patch"
+                                 "ghostscript-no-header-id.patch"))
         (modules '((guix build utils)))
         (snippet
           ;; Remove bundled libraries. The bundled OpenJPEG is a patched fork so
@@ -155,7 +156,11 @@ printing, and psresize, for adjusting page sizes.")
                                                 "tiff" "zlib"))
             ;; Get rid of timestamps (remove /CreationDate and /ModDate).
             (substitute* "devices/vector/gdevpdf.c"
-             ((", but we do the same") "*/ if (0) /*"))))))
+             ((", but we do the same")
+              (string-append "*/ "
+                             "if (!getenv(\"GS_GENERATE_UUIDS\") || "
+                             "(strcmp(getenv(\"GS_GENERATE_UUIDS\"), \"0\") != 0 && "
+                             "strcmp(getenv(\"GS_GENERATE_UUIDS\"), \"no\") != 0)) /*")))))))
     (build-system gnu-build-system)
     (outputs '("out" "doc"))                  ;19 MiB of HTML/PS doc + examples
     (arguments
diff --git a/gnu/packages/patches/ghostscript-no-header-id.patch b/gnu/packages/patches/ghostscript-no-header-id.patch
new file mode 100644
index 0000000000..19b71aadb5
--- /dev/null
+++ b/gnu/packages/patches/ghostscript-no-header-id.patch
@@ -0,0 +1,57 @@
+This patch makes the "/ID" field optional.
+
+If the environment variable GS_GENERATE_UUIDS is set to "0" or "no", it will
+not write out the "/ID" field (if that's permissible).
+
+Upstream does not want to do this.
+
+See: https://bugs.ghostscript.com/show_bug.cgi?id=698208
+diff -ur orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c
+--- orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c	2017-07-09 23:30:28.960479189 +0200
++++ gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c	2017-07-09 23:34:34.306524488 +0200
+@@ -1580,8 +1580,11 @@
+      * +1 for the linearisation dict and +1 for the primary hint stream.
+      */
+     linear_params->FirsttrailerOffset = gp_ftell_64(linear_params->Lin_File.file);
+-    gs_sprintf(LDict, "\ntrailer\n<</Size %ld/Info %d 0 R/Root %d 0 R/ID[%s%s]/Prev %d>>\nstartxref\r\n0\n%%%%EOF\n        \n",
+-        linear_params->LastResource + 3, pdev->ResourceUsage[linear_params->Info_id].NewObjectNumber, pdev->ResourceUsage[linear_params->Catalog_id].NewObjectNumber, fileID, fileID, 0);
++    gs_sprintf(LDict, "\ntrailer\n<</Size %ld/Info %d 0 R/Root %d 0 R",
++        linear_params->LastResource + 3, pdev->ResourceUsage[linear_params->Info_id].NewObjectNumber, pdev->ResourceUsage[linear_params->Catalog_id].NewObjectNumber);
++    if (pdev->OwnerPassword.size > 0 || !(!getenv("GS_GENERATE_UUIDS") || (strcasecmp(getenv("GS_GENERATE_UUIDS"), "0") != 0 && strcasecmp(getenv("GS_GENERATE_UUIDS"), "no") != 0))) /* ID is mandatory when encrypting */
++        gs_sprintf(LDict, "/ID[%s%s]", fileID, fileID);
++    gs_sprintf(LDict, "/Prev %d>>\nstartxref\r\n0\n%%%%EOF\n        \n", 0);
+     fwrite(LDict, strlen(LDict), 1, linear_params->Lin_File.file);
+ 
+     /* Write document catalog (Part 4) */
+@@ -2102,8 +2105,11 @@
+      * in the missing values.
+      */
+     code = gp_fseek_64(linear_params->sfile, linear_params->FirsttrailerOffset, SEEK_SET);
+-    gs_sprintf(LDict, "\ntrailer\n<</Size %ld/Info %d 0 R/Root %d 0 R/ID[%s%s]/Prev %"PRId64">>\nstartxref\r\n0\n%%%%EOF\n",
+-        linear_params->LastResource + 3, pdev->ResourceUsage[linear_params->Info_id].NewObjectNumber, pdev->ResourceUsage[linear_params->Catalog_id].NewObjectNumber, fileID, fileID, mainxref);
++    gs_sprintf(LDict, "\ntrailer\n<</Size %ld/Info %d 0 R/Root %d 0 R",
++        linear_params->LastResource + 3, pdev->ResourceUsage[linear_params->Info_id].NewObjectNumber, pdev->ResourceUsage[linear_params->Catalog_id].NewObjectNumber);
++    if (pdev->OwnerPassword.size > 0 || !(!getenv("GS_GENERATE_UUIDS") || (strcasecmp(getenv("GS_GENERATE_UUIDS"), "0") != 0 || strcasecmp(getenv("GS_GENERATE_UUIDS"), "no") != 0))) /* ID is mandatory when encrypting */
++        gs_sprintf(LDict, "/ID[%s%s]", fileID, fileID);
++    gs_sprintf(LDict, "/Prev %"PRId64">>\nstartxref\r\n0\n%%%%EOF\n", mainxref);
+     fwrite(LDict, strlen(LDict), 1, linear_params->sfile);
+ 
+     code = gp_fseek_64(linear_params->sfile, pdev->ResourceUsage[HintStreamObj].LinearisedOffset, SEEK_SET);
+@@ -2674,10 +2680,12 @@
+             stream_puts(s, "trailer\n");
+             pprintld3(s, "<< /Size %ld /Root %ld 0 R /Info %ld 0 R\n",
+                   pdev->next_id, Catalog_id, Info_id);
+-            stream_puts(s, "/ID [");
+-            psdf_write_string(pdev->strm, pdev->fileID, sizeof(pdev->fileID), 0);
+-            psdf_write_string(pdev->strm, pdev->fileID, sizeof(pdev->fileID), 0);
+-            stream_puts(s, "]\n");
++            if (pdev->OwnerPassword.size > 0 || !(!getenv("GS_GENERATE_UUIDS") || (strcasecmp(getenv("GS_GENERATE_UUIDS"), "0") != 0 || strcasecmp(getenv("GS_GENERATE_UUIDS"), "no") != 0))) { /* ID is mandatory when encrypting */
++                stream_puts(s, "/ID [");
++                psdf_write_string(pdev->strm, pdev->fileID, sizeof(pdev->fileID), 0);
++                psdf_write_string(pdev->strm, pdev->fileID, sizeof(pdev->fileID), 0);
++                stream_puts(s, "]\n");
++            }
+             if (pdev->OwnerPassword.size > 0) {
+                 pprintld1(s, "/Encrypt %ld 0 R ", Encrypt_id);
+             }
+Nur in gnu-ghostscript-9.14.0/devices/vector: gdevpdf.c.orig.