Update to 3.2.1.

(This is a security release, but pkgsrc already had patches from
upstream.)

This version corrects two heap overflows reported by our users:

- A small write overflow, reported by Justin Ferguson
- A large read overflow, reported by Ben Hawkes

6 files changed, 7 insertions, 165 deletions

diff --git a/chat/libotr/Makefile b/chat/libotr/Makefile
index fbd10d13dff..4f6ec80bf2f 100644
--- a/chat/libotr/Makefile
+++ b/chat/libotr/Makefile
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.11 2012/08/09 10:06:46 drochner Exp $
+# $NetBSD: Makefile,v 1.12 2012/08/14 22:08:09 gdt Exp $
 
-VERSION=	3.2.0
+VERSION=	3.2.1
 DISTNAME=	libotr-${VERSION}
-PKGREVISION=	2
 CATEGORIES=	chat security
 MASTER_SITES=	http://www.cypherpunks.ca/otr/
 
@@ -10,6 +9,7 @@ MAINTAINER=	nathanw@NetBSD.org
 # also gdt@NetBSD.org
 HOMEPAGE=	http://www.cypherpunks.ca/otr/
 COMMENT=	Library for Off-The-Record encrypted messaging
+LICENSE=	gnu-gpl-v2
 
 PKG_DESTDIR_SUPPORT=	user-destdir
 
diff --git a/chat/libotr/distinfo b/chat/libotr/distinfo
index 50b4bfa1c0d..b3f581e1b6c 100644
--- a/chat/libotr/distinfo
+++ b/chat/libotr/distinfo
@@ -1,9 +1,5 @@
-$NetBSD: distinfo,v 1.7 2012/08/09 10:06:47 drochner Exp $
+$NetBSD: distinfo,v 1.8 2012/08/14 22:08:09 gdt Exp $
 
-SHA1 (libotr-3.2.0.tar.gz) = e5e10b8ddaf59b0ada6046d156d0431cd2790db9
-RMD160 (libotr-3.2.0.tar.gz) = 937f512415eb3b82d5730b1aafbe5d55f4f153da
-Size (libotr-3.2.0.tar.gz) = 430299 bytes
-SHA1 (patch-CVE-2012-3461-aa) = f1faa1e43da256d44194817aeb59b3e92ddaffb2
-SHA1 (patch-CVE-2012-3461-ab) = 2827193d1cd440700f09cd7312ec9954a81aea11
-SHA1 (patch-CVE-2012-3461-ac) = abbecb337f3a7109b4a41debb2109528c64e22a0
-SHA1 (patch-CVE-2012-3461-ad) = 13edba7d8f16fc122ce2fd4fb2579e7e70056d5a
+SHA1 (libotr-3.2.1.tar.gz) = 898bf00d019f49ca34cd0116dd2e22685c67c394
+RMD160 (libotr-3.2.1.tar.gz) = 07deab0a7f63680e44c3a631666b9b4a21bd66cf
+Size (libotr-3.2.1.tar.gz) = 414684 bytes
diff --git a/chat/libotr/patches/patch-CVE-2012-3461-aa b/chat/libotr/patches/patch-CVE-2012-3461-aa
deleted file mode 100644
index a87e9fff30e..00000000000
--- a/chat/libotr/patches/patch-CVE-2012-3461-aa
+++ /dev/null
@@ -1,46 +0,0 @@
-$NetBSD: patch-CVE-2012-3461-aa,v 1.1 2012/08/09 10:06:47 drochner Exp $
-
---- src/b64.c.orig	2008-05-27 12:35:28.000000000 +0000
-+++ src/b64.c
-@@ -55,7 +55,7 @@ VERSION HISTORY:
- \******************************************************************* */
- 
- /* system headers */
--#include <stdlib.h>
-+#include <stdio.h>
- #include <string.h>
- 
- /* libotr headers */
-@@ -147,8 +147,9 @@ static size_t decode(unsigned char *out,
-  * base64 decode data.  Skip non-base64 chars, and terminate at the
-  * first '=', or the end of the buffer.
-  *
-- * The buffer data must contain at least (base64len / 4) * 3 bytes of
-- * space.  This function will return the number of bytes actually used.
-+ * The buffer data must contain at least ((base64len+3) / 4) * 3 bytes
-+ * of space.  This function will return the number of bytes actually
-+ * used.
-  */
- size_t otrl_base64_decode(unsigned char *data, const char *base64data,
- 	size_t base64len)
-@@ -234,13 +235,18 @@ int otrl_base64_otr_decode(const char *m
- 	return -2;
-     }
- 
-+    /* Skip over the "?OTR:" */
-+    otrtag += 5;
-+    msglen -= 5;
-+
-     /* Base64-decode the message */
--    rawlen = ((msglen-5) / 4) * 3;   /* maximum possible */
-+    rawlen = OTRL_B64_MAX_DECODED_SIZE(msglen);   /* maximum possible */
-     rawmsg = malloc(rawlen);
-     if (!rawmsg && rawlen > 0) {
- 	return -1;
-     }
--    rawlen = otrl_base64_decode(rawmsg, otrtag+5, msglen-5);  /* actual size */
-+
-+    rawlen = otrl_base64_decode(rawmsg, otrtag, msglen);  /* actual size */
- 
-     *bufp = rawmsg;
-     *lenp = rawlen;
diff --git a/chat/libotr/patches/patch-CVE-2012-3461-ab b/chat/libotr/patches/patch-CVE-2012-3461-ab
deleted file mode 100644
index 303da92fd1f..00000000000
--- a/chat/libotr/patches/patch-CVE-2012-3461-ab
+++ /dev/null
@@ -1,36 +0,0 @@
-$NetBSD: patch-CVE-2012-3461-ab,v 1.1 2012/08/09 10:06:47 drochner Exp $
-
---- src/b64.h.orig	2008-05-27 12:35:28.000000000 +0000
-+++ src/b64.h
-@@ -20,6 +20,19 @@
- #ifndef __B64_H__
- #define __B64_H__
- 
-+#include <stdlib.h>
-+
-+/* Base64 encodes blocks of this many bytes: */
-+#define OTRL_B64_DECODED_LEN 3
-+/* into blocks of this many bytes: */
-+#define OTRL_B64_ENCODED_LEN 4
-+
-+/* An encoded block of length encoded_len can turn into a maximum of
-+ * this many decoded bytes: */
-+#define OTRL_B64_MAX_DECODED_SIZE(encoded_len) \
-+    (((encoded_len + OTRL_B64_ENCODED_LEN - 1) / OTRL_B64_ENCODED_LEN) \
-+	* OTRL_B64_DECODED_LEN)
-+
- /*
-  * base64 encode data.  Insert no linebreaks or whitespace.
-  *
-@@ -33,8 +46,9 @@ size_t otrl_base64_encode(char *base64da
-  * base64 decode data.  Skip non-base64 chars, and terminate at the
-  * first '=', or the end of the buffer.
-  *
-- * The buffer data must contain at least (base64len / 4) * 3 bytes of
-- * space.  This function will return the number of bytes actually used.
-+ * The buffer data must contain at least ((base64len+3) / 4) * 3 bytes
-+ * of space.  This function will return the number of bytes actually
-+ * used.
-  */
- size_t otrl_base64_decode(unsigned char *data, const char *base64data,
- 	size_t base64len);
diff --git a/chat/libotr/patches/patch-CVE-2012-3461-ac b/chat/libotr/patches/patch-CVE-2012-3461-ac
deleted file mode 100644
index 1690cb856d1..00000000000
--- a/chat/libotr/patches/patch-CVE-2012-3461-ac
+++ /dev/null
@@ -1,45 +0,0 @@
-$NetBSD: patch-CVE-2012-3461-ac,v 1.1 2012/08/09 10:06:47 drochner Exp $
-
---- src/proto.c.orig	2008-05-27 12:35:28.000000000 +0000
-+++ src/proto.c
-@@ -537,13 +537,17 @@ gcry_error_t otrl_proto_data_read_flags(
- 	msglen = strlen(otrtag);
-     }
- 
-+    /* Skip over the "?OTR:" */
-+    otrtag += 5;
-+    msglen -= 5;
-+
-     /* Base64-decode the message */
--    rawlen = ((msglen-5) / 4) * 3;   /* maximum possible */
-+    rawlen = OTRL_B64_MAX_DECODED_SIZE(msglen);   /* maximum possible */
-     rawmsg = malloc(rawlen);
-     if (!rawmsg && rawlen > 0) {
- 	return gcry_error(GPG_ERR_ENOMEM);
-     }
--    rawlen = otrl_base64_decode(rawmsg, otrtag+5, msglen-5);  /* actual size */
-+    rawlen = otrl_base64_decode(rawmsg, otrtag, msglen);  /* actual size */
- 
-     bufp = rawmsg;
-     lenp = rawlen;
-@@ -606,14 +610,18 @@ gcry_error_t otrl_proto_accept_data(char
- 	msglen = strlen(otrtag);
-     }
- 
-+    /* Skip over the "?OTR:" */
-+    otrtag += 5;
-+    msglen -= 5;
-+
-     /* Base64-decode the message */
--    rawlen = ((msglen-5) / 4) * 3;   /* maximum possible */
-+    rawlen = OTRL_B64_MAX_DECODED_SIZE(msglen);   /* maximum possible */
-     rawmsg = malloc(rawlen);
-     if (!rawmsg && rawlen > 0) {
- 	err = gcry_error(GPG_ERR_ENOMEM);
- 	goto err;
-     }
--    rawlen = otrl_base64_decode(rawmsg, otrtag+5, msglen-5);  /* actual size */
-+    rawlen = otrl_base64_decode(rawmsg, otrtag, msglen);  /* actual size */
- 
-     bufp = rawmsg;
-     lenp = rawlen;
diff --git a/chat/libotr/patches/patch-CVE-2012-3461-ad b/chat/libotr/patches/patch-CVE-2012-3461-ad
deleted file mode 100644
index 478448a2d33..00000000000
--- a/chat/libotr/patches/patch-CVE-2012-3461-ad
+++ /dev/null
@@ -1,27 +0,0 @@
-$NetBSD: patch-CVE-2012-3461-ad,v 1.1 2012/08/09 10:06:47 drochner Exp $
-
---- toolkit/parse.c.orig	2008-05-27 12:35:28.000000000 +0000
-+++ toolkit/parse.c
-@@ -64,7 +64,8 @@ static unsigned char *decode(const char 
- {
-     const char *header, *footer;
-     unsigned char *raw;
--	
-+    size_t rawlen;
-+
-     /* Find the header */
-     header = strstr(msg, "?OTR:");
-     if (!header) return NULL;
-@@ -75,8 +76,10 @@ static unsigned char *decode(const char 
-     footer = strchr(header, '.');
-     if (!footer) footer = header + strlen(header);
- 
--    raw = malloc((footer-header) / 4 * 3);
--    if (raw == NULL && (footer-header >= 4)) return NULL;
-+    rawlen = OTRL_B64_MAX_DECODED_SIZE(footer-header);
-+
-+    raw = malloc(rawlen);
-+    if (raw == NULL && rawlen > 0) return NULL;
-     *lenp = otrl_base64_decode(raw, header, footer-header);
- 
-     return raw;