author | tron <tron@pkgsrc.org> | 2008-09-02 11:58:48 +0000 |
---|---|---|
committer | tron <tron@pkgsrc.org> | 2008-09-02 11:58:48 +0000 |
commit | 9765a6a25f37d3d0860f38768ef0942de8eb6e10 (patch) | |
tree | edd90d72a53569d2bd5c9acc7dcc1b596bdb9604 | |
parent | f4862909d8ee38c456435201b1e2b424202dc7e3 (diff) | |
download | pkgsrc-9765a6a25f37d3d0860f38768ef0942de8eb6e10.tar.gz |
Pullup ticket #2512 - requested by tonio
bitlbee: security update
chat/bitlbee/Makefile 1.42-1.43
chat/bitlbee/distinfo 1.21-1.22
chat/bitlbee/patches/patch-aa delete
chat/bitlbee/patches/patch-ab delete
chat/bitlbee/patches/patch-ac delete
chat/bitlbee/patches/patch-ad delete
chat/bitlbee/patches/patch-ae delete
---
Module Name: pkgsrc
Committed By: tonio
Date: Wed Jul 23 21:11:40 UTC 2008
Modified Files:
pkgsrc/chat/bitlbee: Makefile distinfo
Removed Files:
pkgsrc/chat/bitlbee/patches: patch-aa patch-ab patch-ac patch-ad
patch-ae
Log Message:
Update chat/bitlbee to 1.2.1
Version 1.2.1 (released 2008-06-24) hilights:
* Mostly a lot of fixes for bugs found after the 1.2 release.
* Daemon mode is now officially declared stable.
- Fixed proxy support.
- Fixed stalling issues while connecting to Jabber when using the OpenSSL
module.
- Fixed problem with GLib and ForkDaemon where processes didn't die when
the client disconnects.
- Fixed handling of "set charset none". (Which pretty much breaks the account
completely in 1.2.)
- You can now automatically identify yourself to BitlBee by setting a server
password in your IRC client.
- Compatible with all crazy kinds of line endings that clients can send.
- Changed root nicknames are now saved.
- Added ClientInterface setting to bind() outgoing connections to a specific
network interface.
- Support for receiving Jabber chatroom invitations.
- Relaxed port restriction of the Jabber module: added ports 80 and 443.
- Preserving case in Jabber resources of buddies, since these should
officially be treated as case sensitive.
- Fully stripping spaces from AIM screennames, this didn't happen completely
which severely breaks the IRC protocol.
- Removed all the yellow tape around daemon mode, it's pretty mature by now:
testing.bitlbee.org serves all (~30) SSL users from one daemon mode
process without any serious stability issues.
- Fixed GLib <2.6 compatibility issue.
- Misc. memory leak/crash fixes.
---
Module Name: pkgsrc
Committed By: tonio
Date: Fri Aug 29 13:29:24 UTC 2008
Modified Files:
pkgsrc/chat/bitlbee: Makefile distinfo
Log Message:
Update chat/bitlbee to 1.2.2
Fixes security issue http://secunia.com/advisories/31633/
Changelog:
Version 1.2.2 (released 2008-08-26) hilights:
* Fixed a security issue where it was possible to recreate/hijack already
existing accounts.
* Various stability improvements and minor feature enhancements.
-rw-r--r-- | chat/bitlbee/Makefile | 5 | ||||
-rw-r--r-- | chat/bitlbee/distinfo | 13 | ||||
-rw-r--r-- | chat/bitlbee/patches/patch-aa | 17 | ||||
-rw-r--r-- | chat/bitlbee/patches/patch-ab | 20 | ||||
-rw-r--r-- | chat/bitlbee/patches/patch-ac | 20 | ||||
-rw-r--r-- | chat/bitlbee/patches/patch-ad | 50 | ||||
-rw-r--r-- | chat/bitlbee/patches/patch-ae | 23 |
7 files changed, 6 insertions, 142 deletions
diff --git a/chat/bitlbee/Makefile b/chat/bitlbee/Makefile
index 0cab9a078e6..cc809887b33 100644
--- a/chat/bitlbee/Makefile
+++ b/chat/bitlbee/Makefile
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.41 2008/04/20 09:29:45 tonio Exp $
+# $NetBSD: Makefile,v 1.41.4.1 2008/09/02 11:58:48 tron Exp $
 #
-DISTNAME= bitlbee-1.2
-PKGREVISION= 1
+DISTNAME= bitlbee-1.2.2
 CATEGORIES= chat
 MASTER_SITES= http://get.bitlbee.org/src/
diff --git a/chat/bitlbee/distinfo b/chat/bitlbee/distinfo
index a2ddcb2ef74..dcdccb94408 100644
--- a/chat/bitlbee/distinfo
+++ b/chat/bitlbee/distinfo
@@ -1,10 +1,5 @@
-$NetBSD: distinfo,v 1.20 2008/04/20 09:31:05 tonio Exp $
+$NetBSD: distinfo,v 1.20.4.1 2008/09/02 11:58:48 tron Exp $
-SHA1 (bitlbee-1.2.tar.gz) = 71dc24e9025375460e999345db70fb5dff7d45d8
-RMD160 (bitlbee-1.2.tar.gz) = c48c5f8af418ba4fe7310732ced6290521cc656e
-Size (bitlbee-1.2.tar.gz) = 469482 bytes
-SHA1 (patch-aa) = 98777f99f0c7b6c85ed4378e21e297fcd3bde469
-SHA1 (patch-ab) = 3809cd770ccd1f24a8fade2ab34b78eac0a7833b
-SHA1 (patch-ac) = af439858786aba85e16fbcb6ff5149a87ee0a295
-SHA1 (patch-ad) = 6168115d6a990a7cd29d665864a9212a6efc5344
-SHA1 (patch-ae) = 0c4ccfe673c7829d8a4f163af2262fcc59dbc35c
+SHA1 (bitlbee-1.2.2.tar.gz) = 3dd2e9fcfa149d7731ead73592247de90d3de33c
+RMD160 (bitlbee-1.2.2.tar.gz) = e18fb4b6e9092cdd546ef12207c49352c42a21d3
+Size (bitlbee-1.2.2.tar.gz) = 475550 bytes
diff --git a/chat/bitlbee/patches/patch-aa b/chat/bitlbee/patches/patch-aa
deleted file mode 100644
index b13e10da9df..00000000000
--- a/chat/bitlbee/patches/patch-aa
+++ /dev/null
@@ -1,17 +0,0 @@
-$NetBSD: patch-aa,v 1.8 2008/04/20 09:31:05 tonio Exp $
-
-Fix stalling issue with OpenSSL and Jabber
-From http://bugs.bitlbee.org/bitlbee/changeset/devel%2C359
-
---- lib/ssl_client.h.orig Sat Jun 30 23:18:42 2007
-+++ lib/ssl_client.h
-@@ -59,6 +59,9 @@ G_MODULE_EXPORT void *ssl_starttls( int
- G_MODULE_EXPORT int ssl_read( void *conn, char *buf, int len );
- G_MODULE_EXPORT int ssl_write( void *conn, const char *buf, int len );
-
-+/* See ssl_openssl.c for an explanation. */
-+G_MODULE_EXPORT int ssl_pending( void *conn );
-+
- /* Abort the SSL connection and disconnect the socket. Do not use close()
- directly, both the SSL library and the peer will be unhappy! */
- G_MODULE_EXPORT void ssl_disconnect( void *conn_ );
diff --git a/chat/bitlbee/patches/patch-ab b/chat/bitlbee/patches/patch-ab
deleted file mode 100644
index 8065626a782..00000000000
--- a/chat/bitlbee/patches/patch-ab
+++ /dev/null
@@ -1,20 +0,0 @@
-$NetBSD: patch-ab,v 1.2 2008/04/20 09:31:05 tonio Exp $
-
-Fix stalling issue with OpenSSL and Jabber
-From http://bugs.bitlbee.org/bitlbee/changeset/devel%2C359
-
---- lib/ssl_gnutls.c.orig Sat Mar 15 18:32:14 2008
-+++ lib/ssl_gnutls.c
-@@ -210,6 +210,12 @@ int ssl_write( void *conn, const char *b
- return st;
- }
-
-+/* See ssl_openssl.c for an explanation. */
-+int ssl_pending( void *conn )
-+{
-+ return 0;
-+}
-+
- void ssl_disconnect( void *conn_ )
- {
- struct scd *conn = conn_;
diff --git a/chat/bitlbee/patches/patch-ac b/chat/bitlbee/patches/patch-ac
deleted file mode 100644
index 4d5b63ad066..00000000000
--- a/chat/bitlbee/patches/patch-ac
+++ /dev/null
@@ -1,20 +0,0 @@
-$NetBSD: patch-ac,v 1.2 2008/04/20 09:31:05 tonio Exp $
-
-Fix stalling issue with OpenSSL and Jabber
-From http://bugs.bitlbee.org/bitlbee/changeset/devel%2C359
-
---- lib/ssl_nss.c.orig Sat Jun 30 23:18:42 2007
-+++ lib/ssl_nss.c
-@@ -168,6 +168,12 @@ int ssl_write( void *conn, const char *b
- return( PR_Write ( ((struct scd*)conn)->prfd, buf, len ) );
- }
-
-+/* See ssl_openssl.c for an explanation. */
-+int ssl_pending( void *conn )
-+{
-+ return 0;
-+}
-+
- void ssl_disconnect( void *conn_ )
- {
- struct scd *conn = conn_;
diff --git a/chat/bitlbee/patches/patch-ad b/chat/bitlbee/patches/patch-ad
deleted file mode 100644
index b4f1234420f..00000000000
--- a/chat/bitlbee/patches/patch-ad
+++ /dev/null
@@ -1,50 +0,0 @@
-$NetBSD: patch-ad,v 1.2 2008/04/20 09:31:05 tonio Exp $
-
-Fix stalling issue with OpenSSL and Jabber
-From http://bugs.bitlbee.org/bitlbee/changeset/devel%2C359
-
---- lib/ssl_openssl.c.orig Sat Jun 30 23:18:42 2007
-+++ lib/ssl_openssl.c
-@@ -61,16 +61,16 @@ void *ssl_connect( char *host, int port,
- struct scd *conn = g_new0( struct scd, 1 );
-
- conn->fd = proxy_connect( host, port, ssl_connected, conn );
-- conn->func = func;
-- conn->data = data;
-- conn->inpa = -1;
--
- if( conn->fd < 0 )
- {
- g_free( conn );
- return NULL;
- }
-
-+ conn->func = func;
-+ conn->data = data;
-+ conn->inpa = -1;
-+
- return conn;
- }
-
-@@ -228,6 +228,21 @@ int ssl_write( void *conn, const char *b
- }
-
- return st;
-+}
-+
-+/* Only OpenSSL *really* needs this (and well, maybe NSS). See for more info:
-+ http://www.gnu.org/software/gnutls/manual/gnutls.html#index-gnutls_005frecord_005fcheck_005fpending-209
-+ http://www.openssl.org/docs/ssl/SSL_pending.html
-+
-+ Required because OpenSSL empties the TCP buffer completely but doesn't
-+ necessarily give us all the unencrypted data.
-+
-+ Returns 0 if there's nothing left or if we don't have to care (GnuTLS),
-+ 1 if there's more data. */
-+int ssl_pending( void *conn )
-+{
-+ return ( ((struct scd*)conn) && ((struct scd*)conn)->established ) ?
-+ SSL_pending( ((struct scd*)conn)->ssl ) > 0 : 0;
- }
-
- void ssl_disconnect( void *conn_ )
diff --git a/chat/bitlbee/patches/patch-ae b/chat/bitlbee/patches/patch-ae
deleted file mode 100644
index b4b84ff85eb..00000000000
--- a/chat/bitlbee/patches/patch-ae
+++ /dev/null
@@ -1,23 +0,0 @@
-$NetBSD: patch-ae,v 1.2 2008/04/20 09:31:05 tonio Exp $
-
-Fix stalling issue with OpenSSL and Jabber
-From http://bugs.bitlbee.org/bitlbee/changeset/devel%2C359
-
---- protocols/jabber/io.c.orig Sat Feb 16 23:39:47 2008
-+++ protocols/jabber/io.c
-@@ -240,8 +240,13 @@ static gboolean jabber_read_callback( gp
- return FALSE;
- }
-
-- /* EAGAIN/etc or a successful read. */
-- return TRUE;
-+ if( ssl_pending( jd->ssl ) )
-+ /* OpenSSL empties the TCP buffers completely but may keep some
-+ data in its internap buffers. select() won't see that, but
-+ ssl_pending() does. */
-+ return jabber_read_callback( data, fd, cond );
-+ else
-+ return TRUE;
- }
-
- gboolean jabber_connected_plain( gpointer data, gint source, b_input_condition cond ) |