[socat] * Mon May 27 2013 Paul Wouters <pwouters at redhat.com> - 1.7.2.2-2 - Added two patches that fixes some
Paul Wouters
pwouters at fedoraproject.org
Mon May 27 20:40:13 UTC 2013
commit 68745e7519573d56485e4bb00cb06a0db0aef079
Author: Paul Wouters <pwouters at redhat.com>
Date: Mon May 27 14:18:29 2013 -0400
* Mon May 27 2013 Paul Wouters <pwouters at redhat.com> - 1.7.2.2-2
- Added two patches that fixes some -Wformat warnings. these fix 2 of 3
failing test cases from test.sh
- Enabled hardening with full relro/pie
- Switched from readline5 to readline (6)
socat-1.7.2.1-errqueue.patch | 11 +++++++++++
socat-1.7.2.1-procan-cdefs.patch | 12 ++++++++++++
socat.spec | 22 +++++++++++++++++-----
3 files changed, 40 insertions(+), 5 deletions(-)
---
diff --git a/socat-1.7.2.1-errqueue.patch b/socat-1.7.2.1-errqueue.patch
new file mode 100644
index 0000000..6aa89e2
--- /dev/null
+++ b/socat-1.7.2.1-errqueue.patch
@@ -0,0 +1,11 @@
+diff -Naur socat-1.7.2.1-orig/xio-ip.c socat-1.7.2.1/xio-ip.c
+--- socat-1.7.2.1-orig/xio-ip.c 2011-12-06 02:45:03.000000000 -0500
++++ socat-1.7.2.1/xio-ip.c 2012-05-23 16:31:23.000000000 -0400
+@@ -42,6 +42,7 @@
+ const struct optdesc opt_ip_hdrincl = { "ip-hdrincl", "hdrincl", OPT_IP_HDRINCL, GROUP_SOCK_IP, PH_PASTSOCKET, TYPE_INT, OFUNC_SOCKOPT, SOL_IP, IP_HDRINCL };
+ #endif
+ #ifdef IP_RECVERR
++# include <linux/errqueue.h>
+ const struct optdesc opt_ip_recverr = { "ip-recverr", "recverr", OPT_IP_RECVERR, GROUP_SOCK_IP, PH_PASTSOCKET, TYPE_INT, OFUNC_SOCKOPT, SOL_IP, IP_RECVERR };
+ #endif
+ #ifdef IP_MTU_DISCOVER
diff --git a/socat-1.7.2.1-procan-cdefs.patch b/socat-1.7.2.1-procan-cdefs.patch
new file mode 100644
index 0000000..5375e02
--- /dev/null
+++ b/socat-1.7.2.1-procan-cdefs.patch
@@ -0,0 +1,12 @@
+diff -Naur socat-1.7.2.1-orig/procan-cdefs.c socat-1.7.2.1/procan-cdefs.c
+--- socat-1.7.2.1-orig/procan-cdefs.c 2010-10-06 03:25:30.000000000 -0400
++++ socat-1.7.2.1/procan-cdefs.c 2012-11-20 17:15:37.521215330 -0500
+@@ -20,7 +20,7 @@
+ fprintf(outfile, "#define FD_SETSIZE %u\n", FD_SETSIZE);
+ #endif
+ #ifdef NFDBITS
+- fprintf(outfile, "#define NFDBITS "F_Zu"\n", NFDBITS);
++ fprintf(outfile, "#define NFDBITS %u\n", NFDBITS);
+ #endif
+ #ifdef O_RDONLY
+ fprintf(outfile, "#define O_RDONLY %u\n", O_RDONLY);
diff --git a/socat.spec b/socat.spec
index f1be6b9..6b87fd8 100644
--- a/socat.spec
+++ b/socat.spec
@@ -1,14 +1,18 @@
+%global _hardened_build 1
+
Summary: Bidirectional data relay between two data channels ('netcat++')
Name: socat
Version: 1.7.2.2
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2
Url: http://www.dest-unreach.org/%{name}
Source: http://www.dest-unreach.org/socat/download/%{name}-%{version}.tar.gz
Group: Applications/Internet
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-BuildRequires: openssl-devel compat-readline5-devel ncurses-devel
+BuildRequires: openssl-devel readline-devel ncurses-devel
BuildRequires: autoconf kernel-headers > 2.6.18
+Patch1: socat-1.7.2.1-procan-cdefs.patch
+Patch2: socat-1.7.2.1-errqueue.patch
%description
Socat is a relay for bidirectional data transfer between two independent data
@@ -16,17 +20,18 @@ channels. Each of these data channels may be a file, pipe, device (serial line
etc. or a pseudo terminal), a socket (UNIX, IP4, IP6 - raw, UDP, TCP), an
SSL socket, proxy CONNECT connection, a file descriptor (stdin etc.), the GNU
line editor (readline), a program, or a combination of two of these.
-The compat-readline5 library is used to avoid GPLv2 vs GPLv3 issues.
%prep
%setup -q
iconv -f iso8859-1 -t utf-8 CHANGES > CHANGES.utf8
mv CHANGES.utf8 CHANGES
+%patch1 -p1
+%patch2 -p1
%build
+
autoconf
-export CPPFLAGS="-I%{_includedir}/readline5" LDFLAGS="-L%{_libdir}/readline5"
%configure \
--enable-help --enable-stdio \
--enable-fdnum --enable-file --enable-creat \
@@ -36,7 +41,8 @@ export CPPFLAGS="-I%{_includedir}/readline5" LDFLAGS="-L%{_libdir}/readline5"
--enable-listen --enable-proxy --enable-exec \
--enable-system --enable-pty --enable-readline \
--enable-openssl --enable-sycls --enable-filan \
- --enable-retry --enable-libwrap
+ --enable-retry --enable-libwrap --enable-fips
+
chmod 644 *.sh
make %{?_smp_mflags}
@@ -62,6 +68,12 @@ rm -rf %{buildroot}
%doc %{_mandir}/man1/socat.1*
%changelog
+* Mon May 27 2013 Paul Wouters <pwouters at redhat.com> - 1.7.2.2-2
+- Added two patches that fixes some -Wformat warnings. these fix 2 of 3
+ failing test cases from test.sh
+- Enabled hardening with full relro/pie
+- Switch from readline5 to readline(6)
+
* Mon May 27 2013 Paul Wouters <pwouters at redhat.com> - 1.7.2.2-1
- Updated to 1.7.2.2 for CVE-2013-3571, rhbz#967539
More information about the scm-commits
mailing list