diff options
| author | tonnerre <tonnerre@pkgsrc.org> | 2008-07-13 12:04:11 +0000 |
|---|---|---|
| committer | tonnerre <tonnerre@pkgsrc.org> | 2008-07-13 12:04:11 +0000 |
| commit | 37fbcb8563c4a34b2b10d6420b58655dbe71b4fc (patch) | |
| tree | e47269fe6fa0c5406067e36cdf7b2a2782ff6ade /chat/silc-client/patches | |
| parent | befea919aea1c3d6c89fd132a26406237c035f0d (diff) | |
| download | pkgsrc-37fbcb8563c4a34b2b10d6420b58655dbe71b4fc.tar.gz | |
Upgrade silc-client to version 1.1.4. This fixes two security issues and
various character set problems. The security issues fixed:
* NICK_CHANGE buffer overflow: CVE-2007-3728.
* pkcs_decode buffer overflow: CORE-2007-1212.
Changes since version 1.0.4.1:
- Fixed NEW_CLIENT packet handling crash.
- Fixed partial encryption in CTR mode in AES.
- Fixed printable fingerprint buffer overflow.
- Fixed UNIX signal delivery il SILC scheduler.
- Reprocess JOIN command synchronously after resolving channel user list.
- In JOIN command reply check if the channel key is already saved.
- Remove all channel keys and hmacs after giving LEAVE command.
- Added missing channel unreferencing in CMODE, CUMODE, TOPIC, INVITE,
BAN and KICK command replies.
- Fixed connection authentication with public keys to use correct public
key as responder.
- Zero tail of CTR mode IV in IV Included mode.
- Fixed CTR mode rekey.
- Rewrote the IV Included CTR mode encryption/decryption in packet engine.
- Fixed non-IPv6 compilation error.
- Fixed channel private key deleting when deleting the channel.
- Fixed TIMEOUT handling in user info resolving during JOINing, fixes crash.
- Fixed mandatory UN and HN SILC public key identifier checking.
- Fixed alignment issues with 64-bit CPUs.
- Added "There are now xx nick's" to "are xx nicks".
- Fixed USERS command user mode handling (integer overflow).
- Fixed big-endian issues from aes implementation.
- Fixed lib/silcutil/silcatomic.h compilation on IA64.
- Fixed public key identifier parsing to check lengths correctly.
- In silc_client_free check that scheduler is allocated before trying to
free it.
- Fixed buffer overflow in NICK_CHANGE notify. The destination buffer for
old nicknames was too small.
- Added support for rekey with PFS when using CTR mode encryption.
- Added silc_idcache_move that can be used to move entries between caches.
- Added better checks for invalid argument and notify payloads.
- Fixed SILC_PACKET_FLAG_LONG_PAD bitmask value.
- Set the destination ID to packet stream as SKE responder if ID was
present in key exchange packet.
- Compile sources with _GNU_SOURCE on Linux systems.
- Fixed Unix signal task dispatching to not lock the signals when
dispatching the callback to avoid deadlocks.
- Added SILC_VERSION macro for checking package versions at compile time.
- Use SILC_VERIFY to assert that silc_rwlock_wrlock can be called only
once per thread on Unix.
- Fixed USERS command reply write-lock unlocking.
- Fixed silc_create_key_pair to check for valid identifier.
- Rewrite signed public message handling, adopting the new hilight interface.
- Fix off by one error when loading modules.
- Don't delete hilight entry (because it's just a pointer, not a copy).
- Added __SILC_TOOLKIT_x_x_x macro to all Toolkit distribution which can
be used to check for Toolkit version in third-party software.
- Added support for channel@server channel name strings to client library
(SILC protocol version 1.3 change).
- Added full_nicknames and full_channel_names settings to SilcClientParams
that can be used to specify whether client library returns full nickname
and channel name strings. Full strings are nick@server and channel@server.
- Fixed unix connecting failure to return error code correctly.
- Fixed SKE timeout double free crash.
- Fixed MIME multipart decoding buffer overflow.
- Fixed connection auth protocol timeout crash.
- Fixed FSM machine finishing to check for existing threads at the final
free callback to allow time for the threads to finish.
- Fixed silc_client_get_clients_local to check the nick's server also if
nick@server nickname string is given to the function.
- And many more, oh well. For the user this means: better charset support,
less crashes, nick names now potentially user#23, server specific
channels and more sanity.
Talked over a while ago with wiz with no objections.
Diffstat (limited to 'chat/silc-client/patches')
| -rw-r--r-- | chat/silc-client/patches/patch-aa | 37 | ||||
| -rw-r--r-- | chat/silc-client/patches/patch-ab | 58 | ||||
| -rw-r--r-- | chat/silc-client/patches/patch-ac | 24 | ||||
| -rw-r--r-- | chat/silc-client/patches/patch-ad | 39 | ||||
| -rw-r--r-- | chat/silc-client/patches/patch-ae | 13 |
5 files changed, 89 insertions, 82 deletions
diff --git a/chat/silc-client/patches/patch-aa b/chat/silc-client/patches/patch-aa index 9c9b00a9f1d..f7f81ef9079 100644 --- a/chat/silc-client/patches/patch-aa +++ b/chat/silc-client/patches/patch-aa @@ -1,26 +1,13 @@ -$NetBSD: patch-aa,v 1.12 2007/05/18 21:04:25 salo Exp $ +$NetBSD: patch-aa,v 1.13 2008/07/13 12:04:11 tonnerre Exp $ ---- Makefile.in.orig 2006-01-06 14:46:28.000000000 +0100 -+++ Makefile.in 2006-01-08 20:45:25.000000000 +0100 -@@ -763,18 +763,18 @@ - - - @with_irssi_TRUE@install-dirs-client: --@with_irssi_TRUE@ -mkdir -p $(etcdir) -+@with_irssi_TRUE@ -mkdir -p $(examplesdir) - @with_irssi_TRUE@ -mkdir -p $(helpdir) - @with_irssi_TRUE@ -mkdir -p $(mandir)/man1 - - @with_irssi_TRUE@doc-install-client: --@with_irssi_TRUE@ $(INSTALL_DATA) $(srcdir)/apps/irssi/silc.conf $(docdir)/example_silc.conf -+@with_irssi_TRUE@ $(INSTALL_DATA) $(srcdir)/apps/irssi/silc.conf $(examplesdir)/silc.conf.default - @with_irssi_TRUE@ -@if test -f $(srcdir)/doc/silc.1 ; then $(INSTALL_DATA) $(srcdir)/doc/silc.1 $(mandir)/man1; fi - - @with_irssi_TRUE@etc-install-client: - @with_irssi_TRUE@ -@if test '!' -d $(srcdir)/apps/irssi ; then if test '!' -f $(etcdir)/silc.conf ; then $(INSTALL_DATA) $(srcdir)/apps/irssi/silc.conf $(etcdir)/silc.conf; fi; fi - --@with_irssi_TRUE@install-data-hook: install-dirs-client doc-install-client etc-install-client -+@with_irssi_TRUE@install-data-hook: install-dirs-client doc-install-client - - @INCLUDE_DEFINES_INT@ - +--- apps/irssi/docs/help/Makefile.in.orig 2007-12-07 18:10:34.000000000 +0100 ++++ apps/irssi/docs/help/Makefile.in 2007-12-07 18:10:48.000000000 +0100 +@@ -211,7 +211,7 @@ + target_alias = @target_alias@ + top_builddir = @top_builddir@ + top_srcdir = @top_srcdir@ +-@SILCPLUGIN_FALSE@helpdir = $(datadir)/silc/help ++@SILCPLUGIN_FALSE@helpdir = $(datadir)/silc-client/help + @SILCPLUGIN_TRUE@helpdir = $(datadir)/irssi/help/silc + @SILCPLUGIN_FALSE@SILCHELP = + @SILCPLUGIN_TRUE@SILCHELP = silc diff --git a/chat/silc-client/patches/patch-ab b/chat/silc-client/patches/patch-ab index a27b00cc32e..32812d12597 100644 --- a/chat/silc-client/patches/patch-ab +++ b/chat/silc-client/patches/patch-ab @@ -1,22 +1,44 @@ -$NetBSD: patch-ab,v 1.12 2007/05/18 21:04:25 salo Exp $ +$NetBSD: patch-ab,v 1.13 2008/07/13 12:04:11 tonnerre Exp $ ---- apps/irssi/Makefile.in.orig 2007-03-07 19:02:19.000000000 +0000 -+++ apps/irssi/Makefile.in 2007-05-18 20:19:04.000000000 +0000 -@@ -282,7 +282,7 @@ sysconfdir = @sysconfdir@ - target_alias = @target_alias@ - @BUILD_PLUGINS_TRUE@PLUGINS = plugins - @BUILD_SERVERTEST_TRUE@SERVERTEST = servertest --SUBDIRS = src docs scripts -+SUBDIRS = src docs - - # - # INCLUDE defines -@@ -297,7 +297,7 @@ INCLUDES = $(ADD_INCLUDES) $(SILC_CFLAGS +--- apps/irssi/Makefile.in.orig 2007-11-06 15:45:06.000000000 +0100 ++++ apps/irssi/Makefile.in 2007-12-07 17:25:54.000000000 +0100 +@@ -291,7 +291,7 @@ #confdir = $(sysconfdir) confdir = $(silc_etcdir) conffile = silc.conf --themedir = $(datadir)/silc/themes -+themedir = $(datadir)/silc-client/themes - theme_DATA = default.theme - noinst_HEADERS = irssi-version.h.in - EXTRA_DIST = \ +-@SILCPLUGIN_FALSE@themedir = $(datadir)/silc/themes ++@SILCPLUGIN_FALSE@themedir = $(datadir)/silc-client/themes + @SILCPLUGIN_TRUE@themedir = $(datadir)/irssi/themes + @SILCPLUGIN_FALSE@theme_DATA = default.theme plugin.theme + @SILCPLUGIN_TRUE@theme_DATA = plugin.theme +@@ -815,7 +815,8 @@ + -mkdir -p $(mandir)/man1 + + doc-install-client: +- $(INSTALL_DATA) $(silc_top_srcdir)/apps/irssi/silc.conf $(docdir)/example_silc.conf ++ $(INSTALL) -d $(examplesdir)/ ++ $(INSTALL_DATA) $(silc_top_srcdir)/apps/irssi/silc.conf $(examplesdir)/silc.conf.default + -@if test -f $(silc_top_srcdir)/doc/silc.1 ; then \ + $(INSTALL_DATA) $(silc_top_srcdir)/doc/silc.1 $(mandir)/man1; \ + fi +@@ -823,16 +824,16 @@ + etc-install-client: + -@if test -d $(silc_top_srcdir)/apps/irssi ; then \ + mkdir -p $(etcdir) ; \ +- if test '!' -f $(etcdir)/silc.conf ; then \ ++ if test '!' -f $(examplesdir)/silc.conf.default ; then \ + $(INSTALL_DATA) $(silc_top_srcdir)/apps/irssi/silc.conf \ +- $(etcdir)/silc.conf; \ ++ $(examplesdir)/silc.conf.default; \ + fi; \ + fi + + install-data-hook: \ + install-dirs-client \ +- doc-install-client \ +- $(ETCINSTALL) ++ doc-install-client ++ + # Tell versions [3.59,3.63) of GNU make to not export all variables. + # Otherwise a system limit (for SysV at least) may be exceeded. + .NOEXPORT: diff --git a/chat/silc-client/patches/patch-ac b/chat/silc-client/patches/patch-ac index 2769f08d957..93b2b3d7fdd 100644 --- a/chat/silc-client/patches/patch-ac +++ b/chat/silc-client/patches/patch-ac @@ -1,13 +1,13 @@ -$NetBSD: patch-ac,v 1.9 2007/05/18 21:04:25 salo Exp $ +$NetBSD: patch-ac,v 1.10 2008/07/13 12:04:11 tonnerre Exp $ ---- apps/irssi/src/perl/Makefile.in.orig 2006-01-06 14:46:28.000000000 +0100 -+++ apps/irssi/src/perl/Makefile.in 2006-01-08 20:47:56.000000000 +0100 -@@ -281,7 +281,7 @@ - -I$(top_srcdir)/src/fe-common/core \ - -I$(top_srcdir)/src/fe-common/silc \ - $(GLIB_CFLAGS) \ -- -DSCRIPTDIR=\""$(datadir)/silc/scripts"\" \ -+ -DSCRIPTDIR=\""$(prefix)/libexec/silc-client/scripts"\" \ - -DPERL_USE_LIB=\""$(PERL_USE_LIB)"\" \ - -DPERL_STATIC_LIBS=$(PERL_STATIC_LIBS) \ - $(PERL_CFLAGS) +--- apps/irssi/src/perl/Makefile.in.orig 2007-11-06 15:45:06.000000000 +0100 ++++ apps/irssi/src/perl/Makefile.in 2007-12-07 16:08:08.000000000 +0100 +@@ -291,7 +291,7 @@ + moduledir = @SILC_IRSSIDIR@ + @SILCPLUGIN_FALSE@perl_dirs = common ui textui silc + @SILCPLUGIN_TRUE@perl_dirs = silc +-@SILCPLUGIN_FALSE@SCRIPTDIR = "$(datadir)/silc/scripts" ++@SILCPLUGIN_FALSE@SCRIPTDIR = "$(prefix)/libexec/silc-client/scripts" + @SILCPLUGIN_TRUE@SCRIPTDIR = "$(datadir)/irssi/scripts" + module_LTLIBRARIES = $(perl_module_lib) $(perl_module_fe_lib) + noinst_LTLIBRARIES = $(perl_static_lib) $(perl_static_fe_lib) diff --git a/chat/silc-client/patches/patch-ad b/chat/silc-client/patches/patch-ad index 3fdf26ade2c..a10c3d27cc3 100644 --- a/chat/silc-client/patches/patch-ad +++ b/chat/silc-client/patches/patch-ad @@ -1,28 +1,13 @@ -$NetBSD: patch-ad,v 1.4 2007/05/18 21:04:25 salo Exp $ +$NetBSD: patch-ad,v 1.5 2008/07/13 12:04:11 tonnerre Exp $ ---- doc/Makefile.in.orig 2007-03-07 19:02:19.000000000 +0000 -+++ doc/Makefile.in 2007-05-18 20:41:05.000000000 +0000 -@@ -450,15 +450,6 @@ uninstall-am: uninstall-info-am - mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ - ps ps-am uninstall uninstall-am uninstall-info-am - -- --all: -- touch draft-riikonen-silc-spec-08.txt -- touch draft-riikonen-silc-pp-09.txt -- touch draft-riikonen-silc-ke-auth-08.txt -- touch draft-riikonen-silc-commands-06.txt -- touch draft-riikonen-silc-flags-payloads-04.txt -- touch draft-riikonen-presence-attrs-03.txt -- - dist-hook: - $(SILC_TOP_SRCDIR)/scripts/manpages.pl - rm draft-riikonen*.txt -@@ -472,7 +463,6 @@ dist-hook: - doc-install: - -mkdir -p $(docdir) - -$(INSTALL_DATA) $(top_srcdir)/doc/FAQ $(docdir)/ -- -$(INSTALL_DATA) $(top_srcdir)/doc/*.txt $(docdir)/ - -$(INSTALL_DATA) $(top_srcdir)/COPYING $(docdir)/ - -$(INSTALL_DATA) $(top_srcdir)/CHANGES $(docdir)/ - -$(INSTALL_DATA) $(top_srcdir)/CREDITS $(docdir)/ +--- apps/irssi/scripts/Makefile.in.orig 2008-03-20 06:47:18.000000000 +0000 ++++ apps/irssi/scripts/Makefile.in +@@ -211,7 +211,7 @@ top_builddir = @top_builddir@ + top_srcdir = @top_srcdir@ + SUBDIRS = examples + PLUGIN_SCR = silc.pl +-@SILCPLUGIN_FALSE@scriptdir = $(datadir)/silc/scripts ++@SILCPLUGIN_FALSE@scriptdir = $(prefix)/libexec/silc-client/scripts + @SILCPLUGIN_TRUE@scriptdir = $(datadir)/irssi/scripts + @SILCPLUGIN_FALSE@IRSSI_SCR = \ + @SILCPLUGIN_FALSE@ autoop.pl \ diff --git a/chat/silc-client/patches/patch-ae b/chat/silc-client/patches/patch-ae new file mode 100644 index 00000000000..22d8260b261 --- /dev/null +++ b/chat/silc-client/patches/patch-ae @@ -0,0 +1,13 @@ +$NetBSD: patch-ae,v 1.3 2008/07/13 12:04:11 tonnerre Exp $ + +--- apps/irssi/scripts/examples/Makefile.in.orig 2008-03-20 06:47:18.000000000 +0000 ++++ apps/irssi/scripts/examples/Makefile.in +@@ -197,7 +197,7 @@ sysconfdir = @sysconfdir@ + target_alias = @target_alias@ + top_builddir = @top_builddir@ + top_srcdir = @top_srcdir@ +-@SILCPLUGIN_FALSE@scriptdir = $(datadir)/silc/scripts ++@SILCPLUGIN_FALSE@scriptdir = $(prefix)/libexec/silc-client/scripts + @SILCPLUGIN_TRUE@scriptdir = $(datadir)/irssi/scripts + @SILCPLUGIN_FALSE@IRSSI_EX_SCR = \ + @SILCPLUGIN_FALSE@ command.pl \ |