summaryrefslogtreecommitdiff
path: root/chat
diff options
context:
space:
mode:
authorfhajny <fhajny@pkgsrc.org>2014-11-13 09:45:47 +0000
committerfhajny <fhajny@pkgsrc.org>2014-11-13 09:45:47 +0000
commite97a4b88861beb3efa346b7ee8ebd8c1bf83018b (patch)
treeef4e9f8d4c389b3ee30602a63bb9f720cd8a6977 /chat
parenta9bfbce5638d759228e6dca993d7e69e91ccad8d (diff)
downloadpkgsrc-e97a4b88861beb3efa346b7ee8ebd8c1bf83018b.tar.gz
Backport upstream commit to fix CVE-2014-8760. Bump PKGREVISION.
Diffstat (limited to 'chat')
-rw-r--r--chat/ejabberd/Makefile4
-rw-r--r--chat/ejabberd/distinfo3
-rw-r--r--chat/ejabberd/patches/patch-src_ejabberd__c2s.erl23
3 files changed, 27 insertions, 3 deletions
diff --git a/chat/ejabberd/Makefile b/chat/ejabberd/Makefile
index faa61ff9e08..35cd3a8b499 100644
--- a/chat/ejabberd/Makefile
+++ b/chat/ejabberd/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.46 2014/10/16 12:47:59 fhajny Exp $
+# $NetBSD: Makefile,v 1.47 2014/11/13 09:45:47 fhajny Exp $
DISTNAME= ejabberd-14.07
-PKGREVISION= 3
+PKGREVISION= 4
CATEGORIES= chat
MASTER_SITES= http://www.process-one.net/downloads/ejabberd/${PKGVERSION_NOREV}/
EXTRACT_SUFX= .tgz
diff --git a/chat/ejabberd/distinfo b/chat/ejabberd/distinfo
index 949cdde1594..a063176ed45 100644
--- a/chat/ejabberd/distinfo
+++ b/chat/ejabberd/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.27 2014/10/16 12:47:59 fhajny Exp $
+$NetBSD: distinfo,v 1.28 2014/11/13 09:45:47 fhajny Exp $
SHA1 (ejabberd-14.07-deps.tar.gz) = 102a78c428fe587d57385c66a11cc731d2ec434e
RMD160 (ejabberd-14.07-deps.tar.gz) = 02c28e5a0c234800811d8ff24ca6afab4d3d0eec
@@ -11,3 +11,4 @@ SHA1 (patch-ad) = cdd7a61333f3206ac3ae9168b1878a059da25988
SHA1 (patch-ae) = 542ac36eecc4b679dded78e56903686060fd643a
SHA1 (patch-configure) = 8cf03f571ef13ed825b445e0f1664d387895b8fe
SHA1 (patch-deps_p1__iconv_rebar.config) = e9252229695195ebfe5aeea7ef3ef2c6cd95bc02
+SHA1 (patch-src_ejabberd__c2s.erl) = f9b8a00e1d5f85134cce8bb9b770d1e41a29b906
diff --git a/chat/ejabberd/patches/patch-src_ejabberd__c2s.erl b/chat/ejabberd/patches/patch-src_ejabberd__c2s.erl
new file mode 100644
index 00000000000..252d5ddf71b
--- /dev/null
+++ b/chat/ejabberd/patches/patch-src_ejabberd__c2s.erl
@@ -0,0 +1,23 @@
+$NetBSD: patch-src_ejabberd__c2s.erl,v 1.1 2014/11/13 09:45:47 fhajny Exp $
+
+Backport upstream commit to fix CVE-2014-8760
+--- src/ejabberd_c2s.erl.orig 2014-07-22 15:42:49.000000000 +0000
++++ src/ejabberd_c2s.erl
+@@ -718,7 +718,7 @@ wait_for_feature_request({xmlstreameleme
+ (StateData#state.sockmod):get_sockmod(StateData#state.socket),
+ case {xml:get_attr_s(<<"xmlns">>, Attrs), Name} of
+ {?NS_SASL, <<"auth">>}
+- when not ((SockMod == gen_tcp) and TLSRequired) ->
++ when TLSEnabled or not TLSRequired ->
+ Mech = xml:get_attr_s(<<"mechanism">>, Attrs),
+ ClientIn = jlib:decode_base64(xml:get_cdata(Els)),
+ case cyrsasl:server_start(StateData#state.sasl_state,
+@@ -832,7 +832,7 @@ wait_for_feature_request({xmlstreameleme
+ end
+ end;
+ _ ->
+- if (SockMod == gen_tcp) and TLSRequired ->
++ if TLSRequired and not TLSEnabled ->
+ Lang = StateData#state.lang,
+ send_element(StateData,
+ ?POLICY_VIOLATION_ERR(Lang,