[bitlbee] Suggested patch for RHBZ# 749895
Matej Cepl
mcepl at fedoraproject.org
Thu Jun 21 21:50:13 UTC 2012
commit 39f066fb9b18b849b896d5432202a4effd1e6089
Author: Matěj Cepl <mcepl at redhat.com>
Date: Thu Jun 21 23:50:30 2012 +0200
Suggested patch for RHBZ# 749895
bitlbee-3.0.5-des3-implement.patch | 16 +--
bitlbee-3.0.5-installP.patch | 18 ++--
bitlbee-3.0.5-moreerrorhandling-rhbz749895.patch | 146 ++++++++++++++++++++++
bitlbee-forkdaemon.patch | 6 +-
bitlbee-syslibdirs.patch | 8 +-
bitlbee-systemd.patch | 6 +-
bitlbee.spec | 23 +++-
7 files changed, 186 insertions(+), 37 deletions(-)
---
diff --git a/bitlbee-3.0.5-des3-implement.patch b/bitlbee-3.0.5-des3-implement.patch
index 527a89e..2d1209a 100644
--- a/bitlbee-3.0.5-des3-implement.patch
+++ b/bitlbee-3.0.5-des3-implement.patch
@@ -1,8 +1,6 @@
-Index: bitlbee-3.0.3/configure
-===================================================================
---- bitlbee-3.0.3.orig/configure
-+++ bitlbee-3.0.3/configure
-@@ -433,10 +433,10 @@ if [ "$ret" = "0" ]; then
+--- a/configure
++++ b/configure
+@@ -453,10 +453,10 @@ if [ "$ret" = "0" ]; then
exit 1
fi;
@@ -16,10 +14,8 @@ Index: bitlbee-3.0.3/configure
# SSL modules anyway, this is mostly unnecessary.)
echo 'DES=des.o' >> Makefile.settings
fi
-Index: bitlbee-3.0.3/lib/ssl_nss.c
-===================================================================
---- bitlbee-3.0.3.orig/lib/ssl_nss.c
-+++ bitlbee-3.0.3/lib/ssl_nss.c
+--- a/lib/ssl_nss.c
++++ b/lib/ssl_nss.c
@@ -39,6 +39,7 @@
#include <seccomon.h>
#include <secerr.h>
@@ -28,7 +24,7 @@ Index: bitlbee-3.0.3/lib/ssl_nss.c
int ssl_errno = 0;
-@@ -255,3 +255,91 @@
+@@ -255,3 +256,91 @@ char *ssl_verify_strerror( int code )
{
return g_strdup( "SSL certificate verification not supported by BitlBee NSS code." );
}
diff --git a/bitlbee-3.0.5-installP.patch b/bitlbee-3.0.5-installP.patch
index 2b8dd82..e77130a 100644
--- a/bitlbee-3.0.5-installP.patch
+++ b/bitlbee-3.0.5-installP.patch
@@ -1,6 +1,6 @@
---- bitlbee-3.0.5.orig/configure
-+++ bitlbee-3.0.5/configure
-@@ -125,6 +125,8 @@ TARGET=$target
+--- a/configure
++++ b/configure
+@@ -132,6 +132,8 @@ TARGET=$target
ARCH=$arch
CPU=$cpu
@@ -9,9 +9,9 @@
DESTDIR=
LFLAGS=
EFLAGS=
---- bitlbee-3.0.5/doc/Makefile 2012-02-18 02:55:09.000000000 -0800
-+++ bitlbee-3.0.5/doc/Makefile.new 2012-03-31 18:36:06.112532459 -0700
-@@ -9,8 +9,8 @@
+--- a/doc/Makefile
++++ b/doc/Makefile
+@@ -9,8 +9,8 @@ all:
install:
mkdir -p $(DESTDIR)$(MANDIR)/man8/ $(DESTDIR)$(MANDIR)/man5/
@@ -22,9 +22,9 @@
$(MAKE) -C user-guide $@
uninstall:
---- bitlbee-3.0.5/doc/user-guide/Makefile 2012-02-18 02:55:09.000000000 -0800
-+++ bitlbee-3.0.5/doc/user-guide/Makefile.new 2012-03-31 18:36:01.243464879 -0700
-@@ -41,7 +41,7 @@
+--- a/doc/user-guide/Makefile
++++ b/doc/user-guide/Makefile
+@@ -41,7 +41,7 @@ install:
mkdir -p $(DESTDIR)$(DATADIR)
chmod 0755 $(DESTDIR)$(DATADIR)
rm -f $(DESTDIR)$(DATADIR)/help.txt # Prevent help function from breaking in running sessions
diff --git a/bitlbee-3.0.5-moreerrorhandling-rhbz749895.patch b/bitlbee-3.0.5-moreerrorhandling-rhbz749895.patch
new file mode 100644
index 0000000..04fe339
--- /dev/null
+++ b/bitlbee-3.0.5-moreerrorhandling-rhbz749895.patch
@@ -0,0 +1,146 @@
+From 44b76a34d04288f10e067b617733a424754db998 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Mat=C4=9Bj=20Cepl?= <mcepl at redhat.com>
+Date: Thu, 21 Jun 2012 23:34:53 +0200
+Subject: [PATCH] Add more error handling.
+
+Basically following advice from
+https://bugzilla.redhat.com/show_bug.cgi?id=749895#c6
+---
+ lib/ssl_nss.c | 16 +++++++++++-----
+ 1 file changed, 11 insertions(+), 5 deletions(-)
+
+--- a/lib/ssl_nss.c
++++ b/lib/ssl_nss.c
+@@ -64,7 +64,7 @@ static SECStatus nss_auth_cert (void *ar
+ return SECSuccess;
+ }
+
+-static SECStatus nss_bad_cert (void *arg, PRFileDesc *socket)
++static SECStatus nss_bad_cert (void *arg, PRFileDesc *socket)
+ {
+ PRErrorCode err;
+
+@@ -106,23 +106,23 @@ void ssl_init( void )
+ void *ssl_connect( char *host, int port, gboolean verify, ssl_input_function func, gpointer data )
+ {
+ struct scd *conn = g_new0( struct scd, 1 );
+-
++
+ conn->fd = proxy_connect( host, port, ssl_connected, conn );
+ conn->func = func;
+ conn->data = data;
+-
++
+ if( conn->fd < 0 )
+ {
+ g_free( conn );
+ return( NULL );
+ }
+-
++
+ if( !initialized )
+ {
+ ssl_init();
+ }
+
+-
++
+ return( conn );
+ }
+
+@@ -159,7 +159,7 @@ void *ssl_starttls( int fd, char *hostna
+ static gboolean ssl_connected( gpointer data, gint source, b_input_condition cond )
+ {
+ struct scd *conn = data;
+-
++
+ /* Right now we don't have any verification functionality for NSS. */
+
+ if( conn->verify )
+@@ -170,14 +170,16 @@ static gboolean ssl_connected( gpointer
+
+ return FALSE;
+ }
+-
++
+ if( source == -1 )
+ goto ssl_connected_failure;
+-
++
+ /* Until we find out how to handle non-blocking I/O with NSS... */
+ sock_make_blocking( conn->fd );
+-
++
+ conn->prfd = SSL_ImportFD(NULL, PR_ImportTCPSocket(source));
++ if ( !conn->prfd )
++ goto ssl_connected_failure;
+ SSL_OptionSet(conn->prfd, SSL_SECURITY, PR_TRUE);
+ SSL_OptionSet(conn->prfd, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE);
+ SSL_BadCertHook(conn->prfd, (SSLBadCertHandler)nss_bad_cert, NULL);
+@@ -187,20 +189,22 @@ static gboolean ssl_connected( gpointer
+ if (SSL_ForceHandshake(conn->prfd)) {
+ goto ssl_connected_failure;
+ }
+-
+-
++
++
+ conn->established = TRUE;
+ conn->func( conn->data, 0, conn, cond );
+ return FALSE;
+-
++
+ ssl_connected_failure:
+-
++
+ conn->func( conn->data, 0, NULL, cond );
+-
+- PR_Close( conn -> prfd );
+- if( source >= 0 ) closesocket( source );
+- g_free( conn );
+-
++
++ if ( conn -> prfd )
++ PR_Close( conn -> prfd );
++ if( source >= 0 )
++ closesocket( source );
++ g_free( conn );
++
+ return FALSE;
+ }
+
+@@ -208,7 +212,7 @@ int ssl_read( void *conn, char *buf, int
+ {
+ if( !((struct scd*)conn)->established )
+ return( 0 );
+-
++
+ return( PR_Read( ((struct scd*)conn)->prfd, buf, len ) );
+ }
+
+@@ -216,7 +220,7 @@ int ssl_write( void *conn, const char *b
+ {
+ if( !((struct scd*)conn)->established )
+ return( 0 );
+-
++
+ return( PR_Write ( ((struct scd*)conn)->prfd, buf, len ) );
+ }
+
+@@ -234,10 +238,12 @@ int ssl_pending( void *conn )
+ void ssl_disconnect( void *conn_ )
+ {
+ struct scd *conn = conn_;
+-
+- PR_Close( conn->prfd );
+- closesocket( conn->fd );
+-
++
++ if ( conn-> prfd )
++ PR_Close( conn->prfd );
++ if( source >= 0 )
++ closesocket( conn->fd );
++
+ g_free( conn );
+ }
+
diff --git a/bitlbee-forkdaemon.patch b/bitlbee-forkdaemon.patch
index d188a60..5c4e887 100644
--- a/bitlbee-forkdaemon.patch
+++ b/bitlbee-forkdaemon.patch
@@ -1,7 +1,5 @@
-Index: bitlbee-3.0.3/bitlbee.conf
-===================================================================
---- bitlbee-3.0.3.orig/bitlbee.conf
-+++ bitlbee-3.0.3/bitlbee.conf
+--- a/bitlbee.conf
++++ b/bitlbee.conf
@@ -23,14 +23,14 @@
## If BitlBee is started by root as a daemon, it can drop root privileges,
## and change to the specified user.
diff --git a/bitlbee-syslibdirs.patch b/bitlbee-syslibdirs.patch
index 06014eb..1454454 100644
--- a/bitlbee-syslibdirs.patch
+++ b/bitlbee-syslibdirs.patch
@@ -1,8 +1,6 @@
-Index: bitlbee-3.0.3/configure
-===================================================================
---- bitlbee-3.0.3.orig/configure
-+++ bitlbee-3.0.3/configure
-@@ -20,7 +20,7 @@ libevent='/usr/'
+--- a/configure
++++ b/configure
+@@ -21,7 +21,7 @@ libevent='/usr/'
pidfile='/var/run/bitlbee.pid'
ipcsocket=''
pcdir='$prefix/lib/pkgconfig'
diff --git a/bitlbee-systemd.patch b/bitlbee-systemd.patch
index e3a3918..a2175d8 100644
--- a/bitlbee-systemd.patch
+++ b/bitlbee-systemd.patch
@@ -1,7 +1,5 @@
-Index: bitlbee-3.0.3/init/bitlbee.service.in
-===================================================================
---- bitlbee-3.0.3.orig/init/bitlbee.service.in
-+++ bitlbee-3.0.3/init/bitlbee.service.in
+--- a/init/bitlbee.service.in
++++ b/init/bitlbee.service.in
@@ -3,7 +3,9 @@ Description=BitlBee IRC/IM gateway
After=syslog.target
diff --git a/bitlbee.spec b/bitlbee.spec
index 408e7d5..dfd78da 100644
--- a/bitlbee.spec
+++ b/bitlbee.spec
@@ -1,13 +1,17 @@
Summary: IRC to other chat networks gateway
Name: bitlbee
Version: 3.0.5
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2+ and MIT
Group: System Environment/Daemons
URL: http://www.bitlbee.org/
Source0: http://get.bitlbee.org/src/%{name}-%{version}.tar.gz
Source1: bitlbee.xinetd
Source2: bitlbee-wrapper.h
+# The following two patches were accepted upstream
+# (http://bugs.bitlbee.org/bitlbee/changeset/devel%2C909)
+# it will be available in the next release after 3.0.5
+#
# 64bit directories should go before 32bit ones.
Patch0: bitlbee-syslibdirs.patch
# use install -p instead of plain install ... we should protect time stamps
@@ -20,13 +24,16 @@ Patch4: bitlbee-3.0.5-des3-implement.patch
# When the above patches will be consolidated upstream, this should merge
# with Patch1 or Patch2 or something like that
Patch5: bitlbee-forkdaemon.patch
-# Reopened http://bugs.bitlbee.org/bitlbee/ticket/738
+# Patch rejected upstream, however we need to keep this, because
+# of the SELinux policy is set up for this mode of operation.
Patch6: bitlbee-systemd.patch
+# Suggested fix for RHBZ# 749895
+Patch7: bitlbee-3.0.5-moreerrorhandling-rhbz749895.patch
Requires(pre): shadow-utils
Requires(preun): /sbin/service
BuildRequires: glib2-devel >= 2.4, libxslt
BuildRequires: nss-devel
-%if 0%{?fedora} >= 15
+%if 0%{?fedora} >= 15 || 0%{?rhel} >= 7
BuildRequires: pkgconfig(systemd)
Requires: systemd-units
%else
@@ -68,11 +75,12 @@ completely stable and not 100% foolproof so use at your own risk.
%if 0%{?fedora}%{?rhel} < 6
%patch2 -p1
%endif
-#patch4 -p1
-%if 0%{?fedora} >= 15
+%patch4 -p1
+%if 0%{?fedora} >= 15 || 0%{?rhel} >= 7
%patch5 -p1
%patch6 -p1
%endif
+%patch7 -p1
%build
# Note that we cannot use openssl in Fedora packages ... it breaks GPL
@@ -190,6 +198,11 @@ rm -rf $RPM_BUILD_ROOT
%endif
%changelog
+* Thu Jun 21 2012 Matej Cepl <mcepl at redhat.com> - 3.0.5-2
+- Add more error handling to lib/ssl_nss.c
+- Checking patches for compatibility with the current state of the word
+ and updating comments.
+
* Sat Mar 31 2012 Adam Williamson <awilliam at redhat.com> - 3.0.5-1
- new upstream release 3.0.5
More information about the scm-commits
mailing list