znc: Update to 1.7.4

Changes:

* Local patch for CVE-2019-12816 removed due to presence in release
* Send "Connected!" messages to client to the correct nick (#1665)

4 files changed, 7 insertions, 105 deletions

diff --git a/chat/znc/Makefile b/chat/znc/Makefile
index 6ac398bbc49..b7d14a0b758 100644
--- a/chat/znc/Makefile
+++ b/chat/znc/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.7 2019/06/18 10:21:37 nia Exp $
+# $NetBSD: Makefile,v 1.8 2019/06/22 09:31:00 nia Exp $
 
-DISTNAME=	znc-1.7.3
-PKGREVISION=	2
+DISTNAME=	znc-1.7.4
 CATEGORIES=	net
 MASTER_SITES=	https://znc.in/releases/archive/
 
diff --git a/chat/znc/distinfo b/chat/znc/distinfo
index d655d1126db..3520c79c629 100644
--- a/chat/znc/distinfo
+++ b/chat/znc/distinfo
@@ -1,8 +1,6 @@
-$NetBSD: distinfo,v 1.4 2019/06/18 10:21:37 nia Exp $
+$NetBSD: distinfo,v 1.5 2019/06/22 09:31:00 nia Exp $
 
-SHA1 (znc-1.7.3.tar.gz) = 76c1c32d3ec6fc052b0c3854dbbb8896aecafee5
-RMD160 (znc-1.7.3.tar.gz) = a52f7f8500dc3156dd3387f9450e8558132013d6
-SHA512 (znc-1.7.3.tar.gz) = 4cd63be2cb3bc1e3950f38984b128c6511bd1b9fc01a00d51cfcdc46826c2dedad120d6ed8e30d9c400909e33d39b2b14579fb40ee1e3508b7f3a07eff3a15d8
-Size (znc-1.7.3.tar.gz) = 2084575 bytes
-SHA1 (patch-include_znc_Modules.h) = 57f5d2dcb0021c3c7c0162ccd06ad8698e68022e
-SHA1 (patch-src_Modules.cpp) = adb6f87f4c441cd438110aa58fdb31b481212eff
+SHA1 (znc-1.7.4.tar.gz) = 0755deabfcaebdefc433265b418e8c105043c84b
+RMD160 (znc-1.7.4.tar.gz) = c660ce405d95767b7f93c1dc43888332f9449544
+SHA512 (znc-1.7.4.tar.gz) = ea559ee9e06bfbc51c03ef08e145bc39ee7402638cc153fab7dc1dcedae01548fa0743d726304f9e4631a66241eb96c03940b76093954093a35f69641133b2ae
+Size (znc-1.7.4.tar.gz) = 2084756 bytes
diff --git a/chat/znc/patches/patch-include_znc_Modules.h b/chat/znc/patches/patch-include_znc_Modules.h
deleted file mode 100644
index 4f1622206a0..00000000000
--- a/chat/znc/patches/patch-include_znc_Modules.h
+++ /dev/null
@@ -1,16 +0,0 @@
-$NetBSD: patch-include_znc_Modules.h,v 1.1 2019/06/18 10:21:37 nia Exp $
-
-Fix CVE-2019-12816
-
-https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311
-
---- include/znc/Modules.h.orig	2019-03-30 14:37:00.000000000 +0000
-+++ include/znc/Modules.h
-@@ -1600,6 +1600,7 @@ class CModules : public std::vector<CMod
-   private:
-     static ModHandle OpenModule(const CString& sModule, const CString& sModPath,
-                                 CModInfo& Info, CString& sRetMsg);
-+    static bool ValidateModuleName(const CString& sModule, CString& sRetMsg);
- 
-   protected:
-     CUser* m_pUser;
diff --git a/chat/znc/patches/patch-src_Modules.cpp b/chat/znc/patches/patch-src_Modules.cpp
deleted file mode 100644
index a1666af32da..00000000000
--- a/chat/znc/patches/patch-src_Modules.cpp
+++ /dev/null
@@ -1,79 +0,0 @@
-$NetBSD: patch-src_Modules.cpp,v 1.1 2019/06/18 10:21:37 nia Exp $
-
-Fix CVE-2019-12816
-
-https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311
-
---- src/Modules.cpp.orig	2019-03-30 14:37:00.000000000 +0000
-+++ src/Modules.cpp
-@@ -1624,11 +1624,30 @@ CModule* CModules::FindModule(const CStr
-     return nullptr;
- }
- 
-+bool CModules::ValidateModuleName(const CString& sModule, CString& sRetMsg) {
-+    for (unsigned int a = 0; a < sModule.length(); a++) {
-+        if (((sModule[a] < '0') || (sModule[a] > '9')) &&
-+            ((sModule[a] < 'a') || (sModule[a] > 'z')) &&
-+            ((sModule[a] < 'A') || (sModule[a] > 'Z')) && (sModule[a] != '_')) {
-+            sRetMsg =
-+                t_f("Module names can only contain letters, numbers and "
-+                    "underscores, [{1}] is invalid")(sModule);
-+            return false;
-+        }
-+    }
-+
-+    return true;
-+}
-+
- bool CModules::LoadModule(const CString& sModule, const CString& sArgs,
-                           CModInfo::EModuleType eType, CUser* pUser,
-                           CIRCNetwork* pNetwork, CString& sRetMsg) {
-     sRetMsg = "";
- 
-+    if (!ValidateModuleName(sModule, sRetMsg)) {
-+        return false;
-+    }
-+
-     if (FindModule(sModule) != nullptr) {
-         sRetMsg = t_f("Module {1} already loaded.")(sModule);
-         return false;
-@@ -1781,6 +1800,10 @@ bool CModules::ReloadModule(const CStrin
- 
- bool CModules::GetModInfo(CModInfo& ModInfo, const CString& sModule,
-                           CString& sRetMsg) {
-+    if (!ValidateModuleName(sModule, sRetMsg)) {
-+        return false;
-+    }
-+
-     CString sModPath, sTmp;
- 
-     bool bSuccess;
-@@ -1799,6 +1822,10 @@ bool CModules::GetModInfo(CModInfo& ModI
- 
- bool CModules::GetModPathInfo(CModInfo& ModInfo, const CString& sModule,
-                               const CString& sModPath, CString& sRetMsg) {
-+    if (!ValidateModuleName(sModule, sRetMsg)) {
-+        return false;
-+    }
-+
-     ModInfo.SetName(sModule);
-     ModInfo.SetPath(sModPath);
- 
-@@ -1911,15 +1938,8 @@ ModHandle CModules::OpenModule(const CSt
-     // Some sane defaults in case anything errors out below
-     sRetMsg.clear();
- 
--    for (unsigned int a = 0; a < sModule.length(); a++) {
--        if (((sModule[a] < '0') || (sModule[a] > '9')) &&
--            ((sModule[a] < 'a') || (sModule[a] > 'z')) &&
--            ((sModule[a] < 'A') || (sModule[a] > 'Z')) && (sModule[a] != '_')) {
--            sRetMsg =
--                t_f("Module names can only contain letters, numbers and "
--                    "underscores, [{1}] is invalid")(sModule);
--            return nullptr;
--        }
-+    if (!ValidateModuleName(sModule, sRetMsg)) {
-+        return nullptr;
-     }
- 
-     // The second argument to dlopen() has a long history. It seems clear