pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2008Q2]: pkgsrc/chat/bitlbee Pullup ticket #2512 - requested b...
details: https://anonhg.NetBSD.org/pkgsrc/rev/79e9bf8d4b29
branches: pkgsrc-2008Q2
changeset: 544296:79e9bf8d4b29
user: tron <tron%pkgsrc.org@localhost>
date: Tue Sep 02 11:58:48 2008 +0000
description:
Pullup ticket #2512 - requested by tonio
bitlbee: security update
chat/bitlbee/Makefile 1.42-1.43
chat/bitlbee/distinfo 1.21-1.22
chat/bitlbee/patches/patch-aa delete
chat/bitlbee/patches/patch-ab delete
chat/bitlbee/patches/patch-ac delete
chat/bitlbee/patches/patch-ad delete
chat/bitlbee/patches/patch-ae delete
---
Module Name: pkgsrc
Committed By: tonio
Date: Wed Jul 23 21:11:40 UTC 2008
Modified Files:
pkgsrc/chat/bitlbee: Makefile distinfo
Removed Files:
pkgsrc/chat/bitlbee/patches: patch-aa patch-ab patch-ac patch-ad
patch-ae
Log Message:
Update chat/bitlbee to 1.2.1
Version 1.2.1 (released 2008-06-24) hilights:
* Mostly a lot of fixes for bugs found after the 1.2 release.
* Daemon mode is now officially declared stable.
- Fixed proxy support.
- Fixed stalling issues while connecting to Jabber when using the OpenSSL
module.
- Fixed problem with GLib and ForkDaemon where processes didn't die when
the client disconnects.
- Fixed handling of "set charset none". (Which pretty much breaks the account
completely in 1.2.)
- You can now automatically identify yourself to BitlBee by setting a server
password in your IRC client.
- Compatible with all crazy kinds of line endings that clients can send.
- Changed root nicknames are now saved.
- Added ClientInterface setting to bind() outgoing connections to a specific
network interface.
- Support for receiving Jabber chatroom invitations.
- Relaxed port restriction of the Jabber module: added ports 80 and 443.
- Preserving case in Jabber resources of buddies, since these should
officially be treated as case sensitive.
- Fully stripping spaces from AIM screennames, this didn't happen completely
which severly breaks the IRC protocol.
- Removed all the yellow tape around daemon mode, it's pretty mature by now:
testing.bitlbee.org serves all (~30) SSL users from one daemon mode
process without any serious stability issues.
- Fixed GLib <2.6 compatibility issue.
- Misc. memory leak/crash fixes.
---
Module Name: pkgsrc
Committed By: tonio
Date: Fri Aug 29 13:29:24 UTC 2008
Modified Files:
pkgsrc/chat/bitlbee: Makefile distinfo
Log Message:
Update chat/bitlbee to 1.2.2
Fixes security issue http://secunia.com/advisories/31633/
Changelog:
Version 1.2.2 (released 2008-08-26) hilights:
* Fixed a security issue where it was possible to recreate/hijack already
existing accounts.
* Various stability improvements and minor feature enhancements.
diffstat:
chat/bitlbee/Makefile | 5 +--
chat/bitlbee/distinfo | 13 +++-------
chat/bitlbee/patches/patch-aa | 17 --------------
chat/bitlbee/patches/patch-ab | 20 -----------------
chat/bitlbee/patches/patch-ac | 20 -----------------
chat/bitlbee/patches/patch-ad | 50 -------------------------------------------
chat/bitlbee/patches/patch-ae | 23 -------------------
7 files changed, 6 insertions(+), 142 deletions(-)
diffs (182 lines):
diff -r e9700a88ff30 -r 79e9bf8d4b29 chat/bitlbee/Makefile
--- a/chat/bitlbee/Makefile Mon Sep 01 06:20:41 2008 +0000
+++ b/chat/bitlbee/Makefile Tue Sep 02 11:58:48 2008 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.41 2008/04/20 09:29:45 tonio Exp $
+# $NetBSD: Makefile,v 1.41.4.1 2008/09/02 11:58:48 tron Exp $
#
-DISTNAME= bitlbee-1.2
-PKGREVISION= 1
+DISTNAME= bitlbee-1.2.2
CATEGORIES= chat
MASTER_SITES= http://get.bitlbee.org/src/
diff -r e9700a88ff30 -r 79e9bf8d4b29 chat/bitlbee/distinfo
--- a/chat/bitlbee/distinfo Mon Sep 01 06:20:41 2008 +0000
+++ b/chat/bitlbee/distinfo Tue Sep 02 11:58:48 2008 +0000
@@ -1,10 +1,5 @@
-$NetBSD: distinfo,v 1.20 2008/04/20 09:31:05 tonio Exp $
+$NetBSD: distinfo,v 1.20.4.1 2008/09/02 11:58:48 tron Exp $
-SHA1 (bitlbee-1.2.tar.gz) = 71dc24e9025375460e999345db70fb5dff7d45d8
-RMD160 (bitlbee-1.2.tar.gz) = c48c5f8af418ba4fe7310732ced6290521cc656e
-Size (bitlbee-1.2.tar.gz) = 469482 bytes
-SHA1 (patch-aa) = 98777f99f0c7b6c85ed4378e21e297fcd3bde469
-SHA1 (patch-ab) = 3809cd770ccd1f24a8fade2ab34b78eac0a7833b
-SHA1 (patch-ac) = af439858786aba85e16fbcb6ff5149a87ee0a295
-SHA1 (patch-ad) = 6168115d6a990a7cd29d665864a9212a6efc5344
-SHA1 (patch-ae) = 0c4ccfe673c7829d8a4f163af2262fcc59dbc35c
+SHA1 (bitlbee-1.2.2.tar.gz) = 3dd2e9fcfa149d7731ead73592247de90d3de33c
+RMD160 (bitlbee-1.2.2.tar.gz) = e18fb4b6e9092cdd546ef12207c49352c42a21d3
+Size (bitlbee-1.2.2.tar.gz) = 475550 bytes
diff -r e9700a88ff30 -r 79e9bf8d4b29 chat/bitlbee/patches/patch-aa
--- a/chat/bitlbee/patches/patch-aa Mon Sep 01 06:20:41 2008 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,17 +0,0 @@
-$NetBSD: patch-aa,v 1.8 2008/04/20 09:31:05 tonio Exp $
-
-Fix stalling issue with OpenSSL and Jabber
-From http://bugs.bitlbee.org/bitlbee/changeset/devel%2C359
-
---- lib/ssl_client.h.orig Sat Jun 30 23:18:42 2007
-+++ lib/ssl_client.h
-@@ -59,6 +59,9 @@ G_MODULE_EXPORT void *ssl_starttls( int
- G_MODULE_EXPORT int ssl_read( void *conn, char *buf, int len );
- G_MODULE_EXPORT int ssl_write( void *conn, const char *buf, int len );
-
-+/* See ssl_openssl.c for an explanation. */
-+G_MODULE_EXPORT int ssl_pending( void *conn );
-+
- /* Abort the SSL connection and disconnect the socket. Do not use close()
- directly, both the SSL library and the peer will be unhappy! */
- G_MODULE_EXPORT void ssl_disconnect( void *conn_ );
diff -r e9700a88ff30 -r 79e9bf8d4b29 chat/bitlbee/patches/patch-ab
--- a/chat/bitlbee/patches/patch-ab Mon Sep 01 06:20:41 2008 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,20 +0,0 @@
-$NetBSD: patch-ab,v 1.2 2008/04/20 09:31:05 tonio Exp $
-
-Fix stalling issue with OpenSSL and Jabber
-From http://bugs.bitlbee.org/bitlbee/changeset/devel%2C359
-
---- lib/ssl_gnutls.c.orig Sat Mar 15 18:32:14 2008
-+++ lib/ssl_gnutls.c
-@@ -210,6 +210,12 @@ int ssl_write( void *conn, const char *b
- return st;
- }
-
-+/* See ssl_openssl.c for an explanation. */
-+int ssl_pending( void *conn )
-+{
-+ return 0;
-+}
-+
- void ssl_disconnect( void *conn_ )
- {
- struct scd *conn = conn_;
diff -r e9700a88ff30 -r 79e9bf8d4b29 chat/bitlbee/patches/patch-ac
--- a/chat/bitlbee/patches/patch-ac Mon Sep 01 06:20:41 2008 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,20 +0,0 @@
-$NetBSD: patch-ac,v 1.2 2008/04/20 09:31:05 tonio Exp $
-
-Fix stalling issue with OpenSSL and Jabber
-From http://bugs.bitlbee.org/bitlbee/changeset/devel%2C359
-
---- lib/ssl_nss.c.orig Sat Jun 30 23:18:42 2007
-+++ lib/ssl_nss.c
-@@ -168,6 +168,12 @@ int ssl_write( void *conn, const char *b
- return( PR_Write ( ((struct scd*)conn)->prfd, buf, len ) );
- }
-
-+/* See ssl_openssl.c for an explanation. */
-+int ssl_pending( void *conn )
-+{
-+ return 0;
-+}
-+
- void ssl_disconnect( void *conn_ )
- {
- struct scd *conn = conn_;
diff -r e9700a88ff30 -r 79e9bf8d4b29 chat/bitlbee/patches/patch-ad
--- a/chat/bitlbee/patches/patch-ad Mon Sep 01 06:20:41 2008 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,50 +0,0 @@
-$NetBSD: patch-ad,v 1.2 2008/04/20 09:31:05 tonio Exp $
-
-Fix stalling issue with OpenSSL and Jabber
-From http://bugs.bitlbee.org/bitlbee/changeset/devel%2C359
-
---- lib/ssl_openssl.c.orig Sat Jun 30 23:18:42 2007
-+++ lib/ssl_openssl.c
-@@ -61,16 +61,16 @@ void *ssl_connect( char *host, int port,
- struct scd *conn = g_new0( struct scd, 1 );
-
- conn->fd = proxy_connect( host, port, ssl_connected, conn );
-- conn->func = func;
-- conn->data = data;
-- conn->inpa = -1;
--
- if( conn->fd < 0 )
- {
- g_free( conn );
- return NULL;
- }
-
-+ conn->func = func;
-+ conn->data = data;
-+ conn->inpa = -1;
-+
- return conn;
- }
-
-@@ -228,6 +228,21 @@ int ssl_write( void *conn, const char *b
- }
-
- return st;
-+}
-+
-+/* Only OpenSSL *really* needs this (and well, maybe NSS). See for more info:
-+ http://www.gnu.org/software/gnutls/manual/gnutls.html#index-gnutls_005frecord_005fcheck_005fpending-209
-+ http://www.openssl.org/docs/ssl/SSL_pending.html
-+
-+ Required because OpenSSL empties the TCP buffer completely but doesn't
-+ necessarily give us all the unencrypted data.
-+
-+ Returns 0 if there's nothing left or if we don't have to care (GnuTLS),
-+ 1 if there's more data. */
-+int ssl_pending( void *conn )
-+{
-+ return ( ((struct scd*)conn) && ((struct scd*)conn)->established ) ?
-+ SSL_pending( ((struct scd*)conn)->ssl ) > 0 : 0;
- }
-
- void ssl_disconnect( void *conn_ )
diff -r e9700a88ff30 -r 79e9bf8d4b29 chat/bitlbee/patches/patch-ae
--- a/chat/bitlbee/patches/patch-ae Mon Sep 01 06:20:41 2008 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,23 +0,0 @@
-$NetBSD: patch-ae,v 1.2 2008/04/20 09:31:05 tonio Exp $
-
-Fix stalling issue with OpenSSL and Jabber
-From http://bugs.bitlbee.org/bitlbee/changeset/devel%2C359
-
---- protocols/jabber/io.c.orig Sat Feb 16 23:39:47 2008
-+++ protocols/jabber/io.c
-@@ -240,8 +240,13 @@ static gboolean jabber_read_callback( gp
- return FALSE;
- }
-
-- /* EAGAIN/etc or a successful read. */
-- return TRUE;
-+ if( ssl_pending( jd->ssl ) )
-+ /* OpenSSL empties the TCP buffers completely but may keep some
-+ data in its internap buffers. select() won't see that, but
-+ ssl_pending() does. */
-+ return jabber_read_callback( data, fd, cond );
-+ else
-+ return TRUE;
- }
-
- gboolean jabber_connected_plain( gpointer data, gint source, b_input_condition cond )
Home |
Main Index |
Thread Index |
Old Index