Pullup ticket #3383 - requested by tonio

chat/weechat: security update Revisions pulled up: - chat/weechat/Makefile 1.27 - chat/weechat/PLIST 1.14 - chat/weechat/distinfo 1.18 - chat/weechat/patches/patch-aa 1.4 - chat/weechat/patches/patch-ab 1.6 - chat/weechat/patches/patch-ac 1.5 - chat/weechat/patches/patch-ad 1.4 - chat/weechat/patches/patch-src_core_wee-hook.c 1.1 - chat/weechat/patches/patch-src_core_wee-hook.h 1.1 - chat/weechat/patches/patch-src_core_wee-network.c 1.1 - chat/weechat/patches/patch-src_plugins_irc_irc-server.c 1.1 - chat/weechat/patches/patch-src_plugins_rmodifier_rmodifier-config.h 1.1 --- Module Name: pkgsrc Committed By: tonio Date: Sat Mar 5 22:48:07 UTC 2011 Modified Files: pkgsrc/chat/weechat: Makefile PLIST distinfo pkgsrc/chat/weechat/patches: patch-aa patch-ab patch-ac patch-ad Added Files: pkgsrc/chat/weechat/patches: patch-src_core_wee-hook.c patch-src_core_wee-hook.h patch-src_core_wee-network.c patch-src_plugins_irc_irc-server.c patch-src_plugins_rmodifier_rmodifier-config.h Log Message: Update chat/weechat to 0.3.4 Fix for SA43543 and update kindly provided by gls@ This is a major release, with lot of bugs fixed and major new features. Among the new features: - 256 colors support, with unlimited number of nick colors - irc proxy (relay plugin) - redirection of IRC commands - command /notify - rmodifier plugin - regular expressions for highlights - color support for timestamp in chat buffer - irc option to force color for some nicks - share input line between buffers.
author: tron <tron@pkgsrc.org> 2011-03-09 19:11:17 +0000
committer: tron <tron@pkgsrc.org> 2011-03-09 19:11:17 +0000
commit: d8d3c8329dee6f671bfd26f58cd8de4499779517 (patch)
tree: 5a2b5b135767a14e5b7a3a957d8e806acb6b7d6b
parent: 269fccbee5388a98cec2829d5b7d77c9c2c299e0 (diff)
download: pkgsrc-d8d3c8329dee6f671bfd26f58cd8de4499779517.tar.gz
12 files changed, 551 insertions, 22 deletions
diff --git a/chat/weechat/Makefile b/chat/weechat/Makefile
index 13224a5b6f7..a45b108bdb0 100644
--- a/chat/weechat/Makefile
+++ b/chat/weechat/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.26 2010/03/12 14:36:57 tonio Exp $
+# $NetBSD: Makefile,v 1.26.8.1 2011/03/09 19:11:17 tron Exp $
 #
 
-DISTNAME=	weechat-0.3.1.1
+DISTNAME=	weechat-0.3.4
 CATEGORIES=	chat
 MASTER_SITES=	http://www.weechat.org/files/src/
 
@@ -17,7 +17,7 @@ USE_PKGLOCALEDIR=	yes
 USE_TOOLS+=		msgfmt
 USE_LIBTOOL=		yes
 GNU_CONFIGURE=		yes
-CONFIGURE_ARGS+=	--disable-ruby --disable-aspell
+CONFIGURE_ARGS+=	--disable-tcl --disable-aspell
 MAKE_ENV+=		INSTALL_DATA_DIR=${INSTALL_DATA_DIR:Q}
 MAKE_ENV+=		PREFIX=${DESTDIR:Q}${PREFIX:Q}
 LIBS.SunOS+=		-lnsl
diff --git a/chat/weechat/PLIST b/chat/weechat/PLIST
index bd47be16844..9c9176ee812 100644
--- a/chat/weechat/PLIST
+++ b/chat/weechat/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.13 2010/03/12 14:36:57 tonio Exp $
+@comment $NetBSD: PLIST,v 1.13.8.1 2011/03/09 19:11:18 tron Exp $
 bin/weechat-curses
 include/weechat/weechat-plugin.h
 lib/pkgconfig/weechat.pc
@@ -8,9 +8,12 @@ ${PLIST.python}lib/weechat/plugins/python.la
 ${PLIST.ruby}lib/weechat/plugins/ruby.la
 ${PLIST.charset}lib/weechat/plugins/charset.la
 lib/weechat/plugins/alias.la
+lib/weechat/plugins/charset.la
 lib/weechat/plugins/fifo.la
 lib/weechat/plugins/irc.la
 lib/weechat/plugins/logger.la
+lib/weechat/plugins/relay.la
+lib/weechat/plugins/rmodifier.la
 lib/weechat/plugins/xfer.la
 share/locale/cs/LC_MESSAGES/weechat.mo
 share/locale/de/LC_MESSAGES/weechat.mo
@@ -19,4 +22,5 @@ share/locale/fr/LC_MESSAGES/weechat.mo
 share/locale/hu/LC_MESSAGES/weechat.mo
 share/locale/it/LC_MESSAGES/weechat.mo
 share/locale/pl/LC_MESSAGES/weechat.mo
+share/locale/pt_BR/LC_MESSAGES/weechat.mo
 share/locale/ru/LC_MESSAGES/weechat.mo
diff --git a/chat/weechat/distinfo b/chat/weechat/distinfo
index 956548286e1..e6dae887a5e 100644
--- a/chat/weechat/distinfo
+++ b/chat/weechat/distinfo
@@ -1,9 +1,14 @@
-$NetBSD: distinfo,v 1.17 2010/03/12 14:36:57 tonio Exp $
+$NetBSD: distinfo,v 1.17.8.1 2011/03/09 19:11:18 tron Exp $
 
-SHA1 (weechat-0.3.1.1.tar.gz) = bc4f5dffeff91feb430aec5ee25e308796b68936
-RMD160 (weechat-0.3.1.1.tar.gz) = d9a183ccbb76d9b98ca1435f59f936a8de0e2591
-Size (weechat-0.3.1.1.tar.gz) = 2263262 bytes
-SHA1 (patch-aa) = 5bfba8832834898030fb1612adee83c8a7d1e708
-SHA1 (patch-ab) = 14264c459810e7300b5adedd0ff98e749dad3f2d
-SHA1 (patch-ac) = 1f713c92e58898fd0ef3169fe9f815265cfea2e9
-SHA1 (patch-ad) = 5b9dcc4605660f2f6da9c0e3bc9e6e1b9a26bb24
+SHA1 (weechat-0.3.4.tar.gz) = 5a956aed4b3ba1fbadeac4435a4ec0eac499ffda
+RMD160 (weechat-0.3.4.tar.gz) = dbd70a2dc05e53e0c23cd3b865af7f98d8b21dbf
+Size (weechat-0.3.4.tar.gz) = 2786555 bytes
+SHA1 (patch-aa) = 5374a1a4ff08262d67f992d82e693041eeee4e27
+SHA1 (patch-ab) = 841780d694951b0c7164690481698d14948826cf
+SHA1 (patch-ac) = 3404adfb03e405ed0de30ec91b9f8d01b93a1847
+SHA1 (patch-ad) = 3a619a93d396fc5e6ed62d93ea3a44455b297208
+SHA1 (patch-src_core_wee-hook.c) = 8875ab65e4eb2f37950e16f503f62eb00031062b
+SHA1 (patch-src_core_wee-hook.h) = 643dd8ec271f4632f631ece55cd46f9964100fad
+SHA1 (patch-src_core_wee-network.c) = dcba7c9c2814ebd65efdc80db6d7955e88dd66b3
+SHA1 (patch-src_plugins_irc_irc-server.c) = 2ba285bee488f5fdfea98c6b17ceddbb8b11c1cb
+SHA1 (patch-src_plugins_rmodifier_rmodifier-config.h) = e5e733d52ad1c6a56c981069710738420bd1c8af
diff --git a/chat/weechat/patches/patch-aa b/chat/weechat/patches/patch-aa
index e191eaa8165..1bd3862e5a0 100644
--- a/chat/weechat/patches/patch-aa
+++ b/chat/weechat/patches/patch-aa
@@ -1,6 +1,6 @@
-$NetBSD: patch-aa,v 1.3 2006/10/02 17:45:49 tonio Exp $
+$NetBSD: patch-aa,v 1.3.38.1 2011/03/09 19:11:18 tron Exp $
 
---- po/Makefile.in.in.orig	2006-10-01 10:00:26.000000000 +0200
+--- po/Makefile.in.in.orig	2007-10-31 17:28:48.000000000 +0000
 +++ po/Makefile.in.in
 @@ -30,7 +30,7 @@ gettextsrcdir = $(datadir)/gettext/po
  
diff --git a/chat/weechat/patches/patch-ab b/chat/weechat/patches/patch-ab
index 4afeb03c0d8..ab014905f16 100644
--- a/chat/weechat/patches/patch-ab
+++ b/chat/weechat/patches/patch-ab
@@ -1,6 +1,6 @@
-$NetBSD: patch-ab,v 1.5 2008/12/18 20:27:47 ahoka Exp $
+$NetBSD: patch-ab,v 1.5.18.1 2011/03/09 19:11:19 tron Exp $
 
---- src/gui/curses/gui-curses.h.orig	2008-12-18 21:17:01.000000000 +0100
+--- src/gui/curses/gui-curses.h.orig	2011-01-01 13:52:16.000000000 +0000
 +++ src/gui/curses/gui-curses.h
 @@ -21,6 +21,8 @@
  #define __WEECHAT_GUI_CURSES_H 1
diff --git a/chat/weechat/patches/patch-ac b/chat/weechat/patches/patch-ac
index 6d35eb3f8be..c7f43e67eca 100644
--- a/chat/weechat/patches/patch-ac
+++ b/chat/weechat/patches/patch-ac
@@ -1,10 +1,10 @@
-$NetBSD: patch-ac,v 1.4 2009/11/03 22:22:31 tonio Exp $
+$NetBSD: patch-ac,v 1.4.10.1 2011/03/09 19:11:19 tron Exp $
 
 Make sure to honor destdir
 
---- src/plugins/Makefile.in.orig	2009-09-06 10:10:04.000000000 +0200
+--- src/plugins/Makefile.in.orig	2011-01-16 08:17:23.000000000 +0000
 +++ src/plugins/Makefile.in
-@@ -749,8 +749,8 @@ uninstall-am:
+@@ -759,8 +759,8 @@ uninstall-am:
  # install plugin header
  
  install-data-hook:
diff --git a/chat/weechat/patches/patch-ad b/chat/weechat/patches/patch-ad
index ff9ffa84b75..8b860bba210 100644
--- a/chat/weechat/patches/patch-ad
+++ b/chat/weechat/patches/patch-ad
@@ -1,10 +1,10 @@
-$NetBSD: patch-ad,v 1.3 2010/03/12 14:36:57 tonio Exp $
+$NetBSD: patch-ad,v 1.3.8.1 2011/03/09 19:11:19 tron Exp $
 
 Solaris build
 
---- src/gui/curses/gui-curses-window.c.orig	2010-01-27 09:59:01.000000000 +0000
+--- src/gui/curses/gui-curses-window.c.orig	2011-01-01 13:52:16.000000000 +0000
 +++ src/gui/curses/gui-curses-window.c
-@@ -27,6 +27,8 @@
+@@ -29,6 +29,8 @@
  #include <string.h>
  #include <stdarg.h>
  #include <libgen.h>
diff --git a/chat/weechat/patches/patch-src_core_wee-hook.c b/chat/weechat/patches/patch-src_core_wee-hook.c
new file mode 100644
index 00000000000..84a357aeb1c
--- /dev/null
+++ b/chat/weechat/patches/patch-src_core_wee-hook.c
@@ -0,0 +1,54 @@
+$NetBSD: patch-src_core_wee-hook.c,v 1.1.2.2 2011/03/09 19:11:19 tron Exp $
+
+Fix for http://secunia.com/advisories/43543/
+
+--- src/core/wee-hook.c.orig	2011-01-02 18:05:16.000000000 +0000
++++ src/core/wee-hook.c
+@@ -1700,6 +1700,38 @@ hook_connect (struct t_weechat_plugin *p
+ }
+ 
+ /*
++ * hook_connect_gnutls_verify_certificates: verify server certificate
++ */
++
++#ifdef HAVE_GNUTLS
++int
++hook_connect_gnutls_verify_certificates (gnutls_session_t tls_session)
++{
++    struct t_hook *ptr_hook;
++    int rc;
++    
++    rc = -1;
++    ptr_hook = weechat_hooks[HOOK_TYPE_CONNECT];
++    while (ptr_hook)
++    {
++        /* looking for the right hook using to the gnutls session pointer */
++        if (!ptr_hook->deleted
++            && HOOK_CONNECT(ptr_hook, gnutls_sess)
++            && (*(HOOK_CONNECT(ptr_hook, gnutls_sess)) == tls_session))
++        {
++            rc = (int) (HOOK_CONNECT(ptr_hook, gnutls_cb))
++                (ptr_hook->callback_data, tls_session, NULL, 0,
++                 NULL, 0, NULL, GNUTLS_CB_MODE_VERIFY);
++            break;
++        }
++        ptr_hook = ptr_hook->next_hook;
++    }
++    
++    return rc;
++}
++#endif
++
++/*
+  * hook_connect_gnutls_set_certificates: set gnutls
+  */
+ 
+@@ -1725,7 +1757,7 @@ hook_connect_gnutls_set_certificates (gn
+         {
+             rc = (int) (HOOK_CONNECT(ptr_hook, gnutls_cb))
+                 (ptr_hook->callback_data, tls_session, req_ca, nreq,
+-                 pk_algos, pk_algos_len, answer);
++                 pk_algos, pk_algos_len, answer, GNUTLS_CB_MODE_SETCERT);
+             break;
+         }
+         ptr_hook = ptr_hook->next_hook;
diff --git a/chat/weechat/patches/patch-src_core_wee-hook.h b/chat/weechat/patches/patch-src_core_wee-hook.h
new file mode 100644
index 00000000000..1a8afede263
--- /dev/null
+++ b/chat/weechat/patches/patch-src_core_wee-hook.h
@@ -0,0 +1,31 @@
+$NetBSD: patch-src_core_wee-hook.h,v 1.1.2.2 2011/03/09 19:11:19 tron Exp $
+
+Fix for http://secunia.com/advisories/43543/
+
+--- src/core/wee-hook.h.orig	2011-01-01 13:48:19.000000000 +0000
++++ src/core/wee-hook.h
+@@ -202,10 +202,15 @@ typedef int (t_hook_callback_connect)(vo
+                                       const char *ip_address);
+ 
+ #ifdef HAVE_GNUTLS
++enum t_gnutls_cb_mode {
++    GNUTLS_CB_MODE_SETCERT,
++    GNUTLS_CB_MODE_VERIFY
++};
+ typedef int (gnutls_callback_t)(void *data, gnutls_session_t tls_session,
+                                 const gnutls_datum_t *req_ca, int nreq,
+                                 const gnutls_pk_algorithm_t *pk_algos,
+-                                int pk_algos_len, gnutls_retr_st *answer);
++                                int pk_algos_len, gnutls_retr_st *answer,
++                                enum t_gnutls_cb_mode cbmode);
+ #endif
+ 
+ struct t_hook_connect
+@@ -416,6 +421,7 @@ extern int hook_connect_gnutls_set_certi
+                                                  const gnutls_pk_algorithm_t *pk_algos,
+                                                  int pk_algos_len,
+                                                  gnutls_retr_st *answer);
++extern int hook_connect_gnutls_verify_certificates (gnutls_session_t tls_session);
+ #endif
+ extern struct t_hook *hook_print (struct t_weechat_plugin *plugin,
+                                   struct t_gui_buffer *buffer,
diff --git a/chat/weechat/patches/patch-src_core_wee-network.c b/chat/weechat/patches/patch-src_core_wee-network.c
new file mode 100644
index 00000000000..1d9aa2958d4
--- /dev/null
+++ b/chat/weechat/patches/patch-src_core_wee-network.c
@@ -0,0 +1,15 @@
+$NetBSD: patch-src_core_wee-network.c,v 1.1.2.2 2011/03/09 19:11:19 tron Exp $
+
+Fix for http://secunia.com/advisories/43543/
+
+--- src/core/wee-network.c.orig	2011-01-01 13:48:17.000000000 +0000
++++ src/core/wee-network.c
+@@ -94,6 +94,8 @@ network_init ()
+         }
+         free (ca_path);
+     }
++    gnutls_certificate_set_verify_function (gnutls_xcred,
++                                            &hook_connect_gnutls_verify_certificates);
+     gnutls_certificate_client_set_retrieve_function (gnutls_xcred,
+                                                      &hook_connect_gnutls_set_certificates);
+     network_init_ok = 1;
diff --git a/chat/weechat/patches/patch-src_plugins_irc_irc-server.c b/chat/weechat/patches/patch-src_plugins_irc_irc-server.c
new file mode 100644
index 00000000000..1ee23c31467
--- /dev/null
+++ b/chat/weechat/patches/patch-src_plugins_irc_irc-server.c
@@ -0,0 +1,405 @@
+$NetBSD: patch-src_plugins_irc_irc-server.c,v 1.1.2.2 2011/03/09 19:11:19 tron Exp $
+
+Fix for http://secunia.com/advisories/43543/
+
+--- src/plugins/irc/irc-server.c.orig	2011-01-07 15:26:49.000000000 +0000
++++ src/plugins/irc/irc-server.c
+@@ -2797,6 +2797,10 @@ irc_server_create_buffer (struct t_irc_s
+ }
+ 
+ #ifdef HAVE_GNUTLS
++enum t_gnutls_cb_mode {
++    GNUTLS_CB_MODE_SETCERT,
++    GNUTLS_CB_MODE_VERIFY
++};
+ /*
+  * irc_server_gnutls_callback: gnutls callback called during handshake
+  *
+@@ -2805,7 +2809,8 @@ int
+ irc_server_gnutls_callback (void *data, gnutls_session_t tls_session,
+                             const gnutls_datum_t *req_ca, int nreq,
+                             const gnutls_pk_algorithm_t *pk_algos,
+-                            int pk_algos_len, gnutls_retr_st *answer)
++                            int pk_algos_len, gnutls_retr_st *answer,
++                            enum t_gnutls_cb_mode cbmode)
+ {
+     struct t_irc_server *server;
+     gnutls_retr_st tls_struct;
+@@ -2837,207 +2842,212 @@ irc_server_gnutls_callback (void *data, 
+     hostname = server->current_address;
+     hostname_match = 0;
+     
+-    weechat_printf (server->buffer,
+-                    _("gnutls: connected using %d-bit Diffie-Hellman shared "
+-                      "secret exchange"),
+-                    IRC_SERVER_OPTION_INTEGER (server,
+-                                               IRC_SERVER_OPTION_SSL_DHKEY_SIZE));
+-    if (gnutls_certificate_verify_peers2 (tls_session, &status) < 0)
++    if (cbmode == GNUTLS_CB_MODE_VERIFY) 
+     {
+         weechat_printf (server->buffer,
+-                        _("%sgnutls: error while checking peer's certificate"),
+-                        weechat_prefix ("error"));
+-        rc = -1;
+-    }
+-    else
+-    {
+-        /* some checks */
+-        if (status & GNUTLS_CERT_INVALID)
++                        _("gnutls: connected using %d-bit Diffie-Hellman shared "
++                          "secret exchange"),
++                        IRC_SERVER_OPTION_INTEGER (server,
++                                                   IRC_SERVER_OPTION_SSL_DHKEY_SIZE));
++        if (gnutls_certificate_verify_peers2 (tls_session, &status) < 0)
+         {
+             weechat_printf (server->buffer,
+-                            _("%sgnutls: peer's certificate is NOT trusted"),
++                            _("%sgnutls: error while checking peer's certificate"),
+                             weechat_prefix ("error"));
+             rc = -1;
+         }
+         else
+         {
+-            weechat_printf (server->buffer,
+-                            _("gnutls: peer's certificate is trusted"));
+-        }
+-        if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
+-        {
+-            weechat_printf (server->buffer,
+-                            _("%sgnutls: peer's certificate issuer is unknown"),
+-                            weechat_prefix ("error"));
+-            rc = -1;
+-        }
+-        if (status & GNUTLS_CERT_REVOKED)
+-        {
+-            weechat_printf (server->buffer,
+-                            _("%sgnutls: the certificate has been revoked"),
+-                            weechat_prefix ("error"));
+-            rc = -1;
+-        }
+-        
+-        /* check certificates */
+-        if (gnutls_x509_crt_init (&cert_temp) >= 0)
+-        {
+-            cert_list = gnutls_certificate_get_peers (tls_session, &cert_list_len);
+-            if (cert_list)
++            /* some checks */
++            if (status & GNUTLS_CERT_INVALID)
++            {
++                weechat_printf (server->buffer,
++                                _("%sgnutls: peer's certificate is NOT trusted"),
++                                weechat_prefix ("error"));
++                rc = -1;
++            }
++            else
+             {
+                 weechat_printf (server->buffer,
+-                                NG_("gnutls: receiving %d certificate",
+-                                    "gnutls: receiving %d certificates",
+-                                    cert_list_len),
+-                                cert_list_len);
+-                for (i = 0, j = (int) cert_list_len; i < j; i++)
++                                _("gnutls: peer's certificate is trusted"));
++            }
++            if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
++            {
++                weechat_printf (server->buffer,
++                                _("%sgnutls: peer's certificate issuer is unknown"),
++                                weechat_prefix ("error"));
++                rc = -1;
++            }
++            if (status & GNUTLS_CERT_REVOKED)
++            {
++                weechat_printf (server->buffer,
++                                _("%sgnutls: the certificate has been revoked"),
++                                weechat_prefix ("error"));
++                rc = -1;
++            }
++            
++            /* check certificates */
++            if (gnutls_x509_crt_init (&cert_temp) >= 0)
++            {
++                cert_list = gnutls_certificate_get_peers (tls_session, &cert_list_len);
++                if (cert_list)
+                 {
+-                    if (gnutls_x509_crt_import (cert_temp, &cert_list[i], GNUTLS_X509_FMT_DER) >= 0)
++                    weechat_printf (server->buffer,
++                                    NG_("gnutls: receiving %d certificate",
++                                        "gnutls: receiving %d certificates",
++                                        cert_list_len),
++                                    cert_list_len);
++                    for (i = 0, j = (int) cert_list_len; i < j; i++)
+                     {
+-                        /* checking if hostname matches in the first certificate */
+-                        if (i == 0 && gnutls_x509_crt_check_hostname (cert_temp, hostname) != 0)
++                        if (gnutls_x509_crt_import (cert_temp, &cert_list[i], GNUTLS_X509_FMT_DER) >= 0)
+                         {
+-                            hostname_match = 1;
+-                        }
++                            /* checking if hostname matches in the first certificate */
++                            if (i == 0 && gnutls_x509_crt_check_hostname (cert_temp, hostname) != 0)
++                            {
++                                hostname_match = 1;
++                            }
+ #if LIBGNUTLS_VERSION_NUMBER >= 0x010706
+-                        /* displaying infos about certificate */
++                            /* displaying infos about certificate */
+ #if LIBGNUTLS_VERSION_NUMBER < 0x020400
+-                        rinfo = gnutls_x509_crt_print (cert_temp, GNUTLS_X509_CRT_ONELINE, &cinfo);
++                            rinfo = gnutls_x509_crt_print (cert_temp, GNUTLS_X509_CRT_ONELINE, &cinfo);
+ #else
+-                        rinfo = gnutls_x509_crt_print (cert_temp, GNUTLS_CRT_PRINT_ONELINE, &cinfo);
++                            rinfo = gnutls_x509_crt_print (cert_temp, GNUTLS_CRT_PRINT_ONELINE, &cinfo);
+ #endif
+-                        if (rinfo == 0)
+-                        {
+-                            weechat_printf (server->buffer,
+-                                            _(" - certificate[%d] info:"), i + 1);
+-                            weechat_printf (server->buffer,
+-                                            "   - %s", cinfo.data);
+-                            gnutls_free (cinfo.data);
+-                        }
++                            if (rinfo == 0)
++                            {
++                                weechat_printf (server->buffer,
++                                                _(" - certificate[%d] info:"), i + 1);
++                                weechat_printf (server->buffer,
++                                                "   - %s", cinfo.data);
++                                gnutls_free (cinfo.data);
++                            }
+ #endif
+-                        /* check expiration date */
+-                        cert_time = gnutls_x509_crt_get_expiration_time (cert_temp);
+-                        if (cert_time < time(NULL))
+-                        {
+-                            weechat_printf (server->buffer,
+-                                            _("%sgnutls: certificate has expired"),
+-                                            weechat_prefix ("error"));
+-                            rc = -1;
+-                        }
+-                        /* check expiration date */
+-                        cert_time = gnutls_x509_crt_get_activation_time (cert_temp);
+-                        if (cert_time > time(NULL))
+-                        {
+-                            weechat_printf (server->buffer,
+-                                            _("%sgnutls: certificate is not yet activated"),
+-                                            weechat_prefix ("error"));
+-                            rc = -1;
++                            /* check expiration date */
++                            cert_time = gnutls_x509_crt_get_expiration_time (cert_temp);
++                            if (cert_time < time(NULL))
++                            {
++                                weechat_printf (server->buffer,
++                                                _("%sgnutls: certificate has expired"),
++                                                weechat_prefix ("error"));
++                                rc = -1;
++                            }
++                            /* check expiration date */
++                            cert_time = gnutls_x509_crt_get_activation_time (cert_temp);
++                            if (cert_time > time(NULL))
++                            {
++                                weechat_printf (server->buffer,
++                                                _("%sgnutls: certificate is not yet activated"),
++                                                weechat_prefix ("error"));
++                                rc = -1;
++                            }
+                         }
+                     }
+-                }
+-                if (hostname_match == 0)
+-                {
+-                    weechat_printf (server->buffer,
+-                                    _("%sgnutls: the hostname in the "
+-                                      "certificate does NOT match \"%s\""),
+-                                    weechat_prefix ("error"), hostname);
+-                    rc = -1;
++                    if (hostname_match == 0)
++                    {
++                        weechat_printf (server->buffer,
++                                        _("%sgnutls: the hostname in the "
++                                          "certificate does NOT match \"%s\""),
++                                        weechat_prefix ("error"), hostname);
++                        rc = -1;
++                    }
+                 }
+             }
+         }
+     }
+-    
+-    /* using client certificate if it exists */
+-    cert_path0 = (char *) IRC_SERVER_OPTION_STRING(server,
+-                                                   IRC_SERVER_OPTION_SSL_CERT);
+-    if (cert_path0 && cert_path0[0])
+-    {
+-        weechat_dir = weechat_info_get ("weechat_dir", "");
+-        cert_path1 = weechat_string_replace (cert_path0, "%h", weechat_dir);
+-        cert_path2 = (cert_path1) ?
+-            weechat_string_expand_home (cert_path1) : NULL;
+-        
+-        if (cert_path2)
+-        {
+-            cert_str = weechat_file_get_content (cert_path2);
+-            if (cert_str)
++    else
++    {
++        /* using client certificate if it exists */
++        cert_path0 = (char *) IRC_SERVER_OPTION_STRING(server,
++                                                       IRC_SERVER_OPTION_SSL_CERT);
++        if (cert_path0 && cert_path0[0])
++        {
++            weechat_dir = weechat_info_get ("weechat_dir", "");
++            cert_path1 = weechat_string_replace (cert_path0, "%h", weechat_dir);
++            cert_path2 = (cert_path1) ?
++                weechat_string_expand_home (cert_path1) : NULL;
++            
++            if (cert_path2)
+             {
+-                weechat_printf (server->buffer,
+-                                _("gnutls: sending one certificate"));
+-                
+-                filedatum.data = (unsigned char *) cert_str;
+-                filedatum.size = strlen (cert_str);
+-                
+-                /* certificate */
+-                gnutls_x509_crt_init (&server->tls_cert);
+-                gnutls_x509_crt_import (server->tls_cert, &filedatum,
+-                                        GNUTLS_X509_FMT_PEM);
+-                
+-                /* key */
+-                gnutls_x509_privkey_init (&server->tls_cert_key);
+-                ret = gnutls_x509_privkey_import (server->tls_cert_key,
+-                                                  &filedatum,
+-                                                  GNUTLS_X509_FMT_PEM);
+-                if (ret < 0)
+-                {
+-                    ret = gnutls_x509_privkey_import_pkcs8 (server->tls_cert_key,
+-                                                            &filedatum,
+-                                                            GNUTLS_X509_FMT_PEM,
+-                                                            NULL,
+-                                                            GNUTLS_PKCS_PLAIN);
+-                }
+-                if (ret < 0)
++                cert_str = weechat_file_get_content (cert_path2);
++                if (cert_str)
+                 {
+                     weechat_printf (server->buffer,
+-                                    _("%sgnutls: invalid certificate \"%s\", "
+-                                      "error: %s"),
+-                                    weechat_prefix ("error"), cert_path2,
+-                                    gnutls_strerror (ret));
+-                    rc = -1;
+-                }
+-                else
+-                {
+-                    tls_struct.type = GNUTLS_CRT_X509;
+-                    tls_struct.ncerts = 1;
+-                    tls_struct.deinit_all = 0;
+-                    tls_struct.cert.x509 = &server->tls_cert;
+-                    tls_struct.key.x509 = server->tls_cert_key;
++                                    _("gnutls: sending one certificate"));
++                    
++                    filedatum.data = (unsigned char *) cert_str;
++                    filedatum.size = strlen (cert_str);
++                    
++                    /* certificate */
++                    gnutls_x509_crt_init (&server->tls_cert);
++                    gnutls_x509_crt_import (server->tls_cert, &filedatum,
++                                            GNUTLS_X509_FMT_PEM);
++                    
++                    /* key */
++                    gnutls_x509_privkey_init (&server->tls_cert_key);
++                    ret = gnutls_x509_privkey_import (server->tls_cert_key,
++                                                      &filedatum,
++                                                      GNUTLS_X509_FMT_PEM);
++                    if (ret < 0)
++                    {
++                        ret = gnutls_x509_privkey_import_pkcs8 (server->tls_cert_key,
++                                                                &filedatum,
++                                                                GNUTLS_X509_FMT_PEM,
++                                                                NULL,
++                                                                GNUTLS_PKCS_PLAIN);
++                    }
++                    if (ret < 0)
++                    {
++                        weechat_printf (server->buffer,
++                                        _("%sgnutls: invalid certificate \"%s\", "
++                                          "error: %s"),
++                                        weechat_prefix ("error"), cert_path2,
++                                        gnutls_strerror (ret));
++                        rc = -1;
++                    }
++                    else
++                    {
++                        tls_struct.type = GNUTLS_CRT_X509;
++                        tls_struct.ncerts = 1;
++                        tls_struct.deinit_all = 0;
++                        tls_struct.cert.x509 = &server->tls_cert;
++                        tls_struct.key.x509 = server->tls_cert_key;
+ #if LIBGNUTLS_VERSION_NUMBER >= 0x010706
+-                    /* client certificate info */
++                        /* client certificate info */
+ #if LIBGNUTLS_VERSION_NUMBER < 0x020400
+-                    rinfo = gnutls_x509_crt_print (server->tls_cert,
+-                                                   GNUTLS_X509_CRT_ONELINE,
+-                                                   &cinfo);
++                        rinfo = gnutls_x509_crt_print (server->tls_cert,
++                                                       GNUTLS_X509_CRT_ONELINE,
++                                                       &cinfo);
+ #else
+-                    rinfo = gnutls_x509_crt_print (server->tls_cert,
+-                                                   GNUTLS_CRT_PRINT_ONELINE,
+-                                                   &cinfo);
++                        rinfo = gnutls_x509_crt_print (server->tls_cert,
++                                                       GNUTLS_CRT_PRINT_ONELINE,
++                                                       &cinfo);
+ #endif
+-                    if (rinfo == 0)
+-                    {
+-                        weechat_printf (server->buffer,
+-                                        _(" - client certificate info (%s):"),
+-                                        cert_path2);
+-                        weechat_printf (server->buffer, "  - %s", cinfo.data);
+-                        gnutls_free (cinfo.data);
+-                    }
++                        if (rinfo == 0)
++                        {
++                            weechat_printf (server->buffer,
++                                            _(" - client certificate info (%s):"),
++                                            cert_path2);
++                            weechat_printf (server->buffer, "  - %s", cinfo.data);
++                            gnutls_free (cinfo.data);
++                        }
+ #endif
+-                    memcpy (answer, &tls_struct, sizeof (gnutls_retr_st));
+-                    free (cert_str);
++                        memcpy (answer, &tls_struct, sizeof (gnutls_retr_st));
++                        free (cert_str);
++                    }
++                }
++                else
++                {
++                    weechat_printf (server->buffer,
++                                    _("%sgnutls: unable to read certifcate \"%s\""),
++                                    weechat_prefix ("error"), cert_path2);
+                 }
+             }
+-            else
+-            {
+-                weechat_printf (server->buffer,
+-                                _("%sgnutls: unable to read certifcate \"%s\""),
+-                                weechat_prefix ("error"), cert_path2);
+-            }
++            
++            if (cert_path1)
++                free (cert_path1);
++            if (cert_path2)
++                free (cert_path2);
+         }
+-        
+-        if (cert_path1)
+-            free (cert_path1);
+-        if (cert_path2)
+-            free (cert_path2);
+     }
+     
+     /* an error should stop the handshake unless the user doesn't care */
diff --git a/chat/weechat/patches/patch-src_plugins_rmodifier_rmodifier-config.h b/chat/weechat/patches/patch-src_plugins_rmodifier_rmodifier-config.h
new file mode 100644
index 00000000000..8d858b79d5e
--- /dev/null
+++ b/chat/weechat/patches/patch-src_plugins_rmodifier_rmodifier-config.h
@@ -0,0 +1,15 @@
+$NetBSD: patch-src_plugins_rmodifier_rmodifier-config.h,v 1.1.2.2 2011/03/09 19:11:19 tron Exp $
+
+Fix build for osx 10.5
+
+--- src/plugins/rmodifier/rmodifier-config.h.orig	2011-01-01 14:45:46.000000000 +0000
++++ src/plugins/rmodifier/rmodifier-config.h
+@@ -25,7 +25,7 @@
+ extern struct t_config_file *rmodifier_config_file;
+ extern struct t_config_section *rmodifier_config_section_modifier;
+ 
+-struct t_config_option *rmodifier_config_look_hide_char;
++extern struct t_config_option *rmodifier_config_look_hide_char;
+ 
+ extern char *rmodifier_config_default_list[][4];
+
author	tron <tron@pkgsrc.org>	2011-03-09 19:11:17 +0000
committer	tron <tron@pkgsrc.org>	2011-03-09 19:11:17 +0000
commit	d8d3c8329dee6f671bfd26f58cd8de4499779517 (patch)
tree	5a2b5b135767a14e5b7a3a957d8e806acb6b7d6b
parent	269fccbee5388a98cec2829d5b7d77c9c2c299e0 (diff)
download	pkgsrc-d8d3c8329dee6f671bfd26f58cd8de4499779517.tar.gz