[socat] * Mon May 27 2013 Paul Wouters <pwouters at redhat.com> - 1.7.2.2-2 - Added two patches that fixes some

Paul Wouters pwouters at fedoraproject.org
Mon May 27 20:40:13 UTC 2013 

commit 68745e7519573d56485e4bb00cb06a0db0aef079
Author: Paul Wouters <pwouters at redhat.com>
Date:   Mon May 27 14:18:29 2013 -0400

    * Mon May 27 2013 Paul Wouters <pwouters at redhat.com> - 1.7.2.2-2
    - Added two patches that fixes some -Wformat warnings. these fix 2 of 3
      failing test cases from test.sh
    - Enabled hardening with full relro/pie
    - Switched from readline5 to readline (6)

 socat-1.7.2.1-errqueue.patch     |   11 +++++++++++
 socat-1.7.2.1-procan-cdefs.patch |   12 ++++++++++++
 socat.spec                       |   22 +++++++++++++++++-----
 3 files changed, 40 insertions(+), 5 deletions(-)
---
diff --git a/socat-1.7.2.1-errqueue.patch b/socat-1.7.2.1-errqueue.patch
new file mode 100644
index 0000000..6aa89e2
--- /dev/null
+++ b/socat-1.7.2.1-errqueue.patch
@@ -0,0 +1,11 @@
+diff -Naur socat-1.7.2.1-orig/xio-ip.c socat-1.7.2.1/xio-ip.c
+--- socat-1.7.2.1-orig/xio-ip.c	2011-12-06 02:45:03.000000000 -0500
++++ socat-1.7.2.1/xio-ip.c	2012-05-23 16:31:23.000000000 -0400
+@@ -42,6 +42,7 @@
+ const struct optdesc opt_ip_hdrincl = { "ip-hdrincl", "hdrincl",   OPT_IP_HDRINCL, GROUP_SOCK_IP, PH_PASTSOCKET, TYPE_INT, OFUNC_SOCKOPT, SOL_IP, IP_HDRINCL };
+ #endif
+ #ifdef IP_RECVERR
++# include <linux/errqueue.h>
+ const struct optdesc opt_ip_recverr = { "ip-recverr", "recverr",   OPT_IP_RECVERR, GROUP_SOCK_IP, PH_PASTSOCKET, TYPE_INT, OFUNC_SOCKOPT, SOL_IP, IP_RECVERR };
+ #endif
+ #ifdef IP_MTU_DISCOVER
diff --git a/socat-1.7.2.1-procan-cdefs.patch b/socat-1.7.2.1-procan-cdefs.patch
new file mode 100644
index 0000000..5375e02
--- /dev/null
+++ b/socat-1.7.2.1-procan-cdefs.patch
@@ -0,0 +1,12 @@
+diff -Naur socat-1.7.2.1-orig/procan-cdefs.c socat-1.7.2.1/procan-cdefs.c
+--- socat-1.7.2.1-orig/procan-cdefs.c	2010-10-06 03:25:30.000000000 -0400
++++ socat-1.7.2.1/procan-cdefs.c	2012-11-20 17:15:37.521215330 -0500
+@@ -20,7 +20,7 @@
+    fprintf(outfile, "#define FD_SETSIZE %u\n", FD_SETSIZE);
+ #endif
+ #ifdef NFDBITS
+-   fprintf(outfile, "#define NFDBITS "F_Zu"\n", NFDBITS);
++   fprintf(outfile, "#define NFDBITS %u\n", NFDBITS);
+ #endif
+ #ifdef O_RDONLY
+    fprintf(outfile, "#define O_RDONLY %u\n", O_RDONLY);
diff --git a/socat.spec b/socat.spec
index f1be6b9..6b87fd8 100644
--- a/socat.spec
+++ b/socat.spec
@@ -1,14 +1,18 @@
+%global _hardened_build 1
+
 Summary: Bidirectional data relay between two data channels ('netcat++')
 Name: socat
 Version: 1.7.2.2
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPLv2
 Url:  http://www.dest-unreach.org/%{name}
 Source: http://www.dest-unreach.org/socat/download/%{name}-%{version}.tar.gz
 Group: Applications/Internet
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-BuildRequires: openssl-devel compat-readline5-devel ncurses-devel
+BuildRequires: openssl-devel readline-devel ncurses-devel
 BuildRequires: autoconf kernel-headers > 2.6.18
+Patch1: socat-1.7.2.1-procan-cdefs.patch
+Patch2: socat-1.7.2.1-errqueue.patch
 
 %description
 Socat is a relay for bidirectional data transfer between two independent data
@@ -16,17 +20,18 @@ channels. Each of these data channels may be a file, pipe, device (serial line
 etc. or a pseudo terminal), a socket (UNIX, IP4, IP6 - raw, UDP, TCP), an
 SSL socket, proxy CONNECT connection, a file descriptor (stdin etc.), the GNU
 line editor (readline), a program, or a combination of two of these. 
-The compat-readline5 library is used to avoid GPLv2 vs GPLv3 issues.
 
 
 %prep
 %setup -q 
 iconv -f iso8859-1 -t utf-8 CHANGES > CHANGES.utf8
 mv CHANGES.utf8 CHANGES
+%patch1 -p1 
+%patch2 -p1 
 
 %build
+
 autoconf
-export CPPFLAGS="-I%{_includedir}/readline5" LDFLAGS="-L%{_libdir}/readline5"
 %configure  \
         --enable-help --enable-stdio \
         --enable-fdnum --enable-file --enable-creat \
@@ -36,7 +41,8 @@ export CPPFLAGS="-I%{_includedir}/readline5" LDFLAGS="-L%{_libdir}/readline5"
         --enable-listen --enable-proxy --enable-exec \
         --enable-system --enable-pty --enable-readline \
         --enable-openssl --enable-sycls --enable-filan \
-        --enable-retry --enable-libwrap
+        --enable-retry --enable-libwrap --enable-fips
+
 
 chmod 644 *.sh
 make %{?_smp_mflags}
@@ -62,6 +68,12 @@ rm -rf %{buildroot}
 %doc %{_mandir}/man1/socat.1*
 
 %changelog
+* Mon May 27 2013 Paul Wouters <pwouters at redhat.com> - 1.7.2.2-2
+- Added two patches that fixes some -Wformat warnings. these fix 2 of 3
+  failing test cases from test.sh
+- Enabled hardening with full relro/pie
+- Switch from readline5 to readline(6)
+
 * Mon May 27 2013 Paul Wouters <pwouters at redhat.com> - 1.7.2.2-1
 - Updated to 1.7.2.2 for CVE-2013-3571, rhbz#967539

More information about the scm-commits mailing list