FreeBSD Bugzilla – Attachment 179673 Details for
Bug 216785
www/lynx: add LIB_DEPENDS= libidn.so:dns/libidn, fix build with libressl-devel
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
patch
lynx.patch (text/plain), 11.61 KB, created by
Piotr Kubaj
on 2017-02-06 11:49:50 UTC
(
hide
)
Description:
patch
Filename:
MIME Type:
Creator:
Piotr Kubaj
Created:
2017-02-06 11:49:50 UTC
Size:
11.61 KB
patch
obsolete
>Index: Makefile >=================================================================== >--- Makefile (revision 433476) >+++ Makefile (working copy) >@@ -15,6 +15,8 @@ > > LICENSE= GPLv2 > >+LIB_DEPENDS= libidn.so:dns/libidn >+ > CONFLICTS= lynx-2.8.[8-9]d* > > USES= cpe ncurses shebangfix tar:bzip2 >Index: distinfo >=================================================================== >--- distinfo (revision 433476) >+++ distinfo (working copy) >@@ -1,2 +1,3 @@ >+TIMESTAMP = 1486381514 > SHA256 (lynx2.8.8rel.2.tar.bz2) = 6980e75cf0d677fd52c116e2e0dfd3884e360970c88c8356a114338500d5bee7 > SIZE (lynx2.8.8rel.2.tar.bz2) = 2587120 >Index: files/patch-CVE-2014-3566 >=================================================================== >--- files/patch-CVE-2014-3566 (revision 433476) >+++ files/patch-CVE-2014-3566 (working copy) >@@ -1,16 +0,0 @@ >-Disable SSLv2 and SSLv3 in lynx to "mitigate POODLE vulnerability". >- >-This change has been passed upstream. >- >---- WWW/Library/Implementation/HTTP.c.orig 2015-02-16 12:48:34.014809453 -0800 >-+++ WWW/Library/Implementation/HTTP.c 2015-02-16 12:49:09.627395954 -0800 >-@@ -119,7 +119,8 @@ >- #else >- SSLeay_add_ssl_algorithms(); >- ssl_ctx = SSL_CTX_new(SSLv23_client_method()); >-- SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2); >-+ /* Always disable SSLv2 & SSLv3 to "mitigate POODLE vulnerability". */ >-+ SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); >- #ifdef SSL_OP_NO_COMPRESSION >- SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_COMPRESSION); >- #endif >Index: files/patch-CVE-2016-9179 >=================================================================== >--- files/patch-CVE-2016-9179 (revision 433476) >+++ files/patch-CVE-2016-9179 (working copy) >@@ -1,85 +0,0 @@ >-Fix for CVE-2016-9179 >-See: >-http://lists.nongnu.org/archive/html/lynx-dev/2016-11/msg00018.html >- >-Re-engineered the upstream patch, which was only released >-for the unstable lynx2.8.9. Removed the at_sign, and made sure that >-the user id is correctly stripped of all non valid inputs. >- >---- WWW/Library/Implementation/HTTCP.c_orig 2016-12-01 15:07:39.487753520 +0000 >-+++ WWW/Library/Implementation/HTTCP.c 2016-12-01 15:10:20.291328282 +0000 >-@@ -1792,7 +1792,6 @@ >- int status = 0; >- char *line = NULL; >- char *p1 = NULL; >-- char *at_sign = NULL; >- char *host = NULL; >- >- #ifdef INET6 >-@@ -1814,14 +1813,8 @@ >- * Get node name and optional port number. >- */ >- p1 = HTParse(url, "", PARSE_HOST); >-- if ((at_sign = StrChr(p1, '@')) != NULL) { >-- /* >-- * If there's an @ then use the stuff after it as a hostname. >-- */ >-- StrAllocCopy(host, (at_sign + 1)); >-- } else { >- StrAllocCopy(host, p1); >-- } >-+ strip_userid(host, FALSE); >- FREE(p1); >- >- HTSprintf0(&line, "%s%s", WWW_FIND_MESSAGE, host); >---- WWW/Library/Implementation/HTTP.c_orig 2016-12-01 15:13:24.171404704 +0000 >-+++ WWW/Library/Implementation/HTTP.c 2016-12-01 15:19:59.699276204 +0000 >-@@ -426,7 +426,7 @@ >- /* >- * Strip any username from the given string so we retain only the host. >- */ >--static void strip_userid(char *host) >-+void strip_userid(char *host, int parse_only) >- { >- char *p1 = host; >- char *p2 = StrChr(host, '@'); >-@@ -439,7 +439,8 @@ >- >- CTRACE((tfp, "parsed:%s\n", fake)); >- HTSprintf0(&msg, gettext("Address contains a username: %s"), host); >-- HTAlert(msg); >-+ if (msg !=0 && !parse_only) >-+ HTAlert(msg); >- FREE(msg); >- } >- while ((*p1++ = *p2++) != '\0') { >-@@ -1081,7 +1082,7 @@ >- char *host = NULL; >- >- if ((host = HTParse(anAnchor->address, "", PARSE_HOST)) != NULL) { >-- strip_userid(host); >-+ strip_userid(host, TRUE); >- HTBprintf(&command, "Host: %s%c%c", host, CR, LF); >- FREE(host); >- } >---- WWW/Library/Implementation/HTUtils.h_orig 2016-12-01 15:21:38.919699987 +0000 >-+++ WWW/Library/Implementation/HTUtils.h 2016-12-01 15:22:57.870511104 +0000 >-@@ -801,6 +801,8 @@ >- >- extern FILE *TraceFP(void); >- >-+ extern void strip_userid(char *host, int warn); >-+ >- #ifdef USE_SSL >- extern SSL *HTGetSSLHandle(void); >- extern void HTSSLInitPRNG(void); >---- src/LYUtils.c_orig 2016-12-01 15:25:21.769447171 +0000 >-+++ src/LYUtils.c 2016-12-01 15:28:31.901411555 +0000 >-@@ -4693,6 +4693,7 @@ >- * Do a DNS test on the potential host field as presently trimmed. - FM >- */ >- StrAllocCopy(host, Str); >-+ strip_userid(host, FALSE); >- HTUnEscape(host); >- if (LYCursesON) { >- StrAllocCopy(MsgStr, WWW_FIND_MESSAGE); >Index: files/patch-WWW_Library_Implementation_HTTCP.c >=================================================================== >--- files/patch-WWW_Library_Implementation_HTTCP.c (revision 0) >+++ files/patch-WWW_Library_Implementation_HTTCP.c (working copy) >@@ -0,0 +1,26 @@ >+--- WWW/Library/Implementation/HTTCP.c.orig 2013-12-18 01:56:13 UTC >++++ WWW/Library/Implementation/HTTCP.c >+@@ -1792,7 +1792,6 @@ int HTDoConnect(const char *url, >+ int status = 0; >+ char *line = NULL; >+ char *p1 = NULL; >+- char *at_sign = NULL; >+ char *host = NULL; >+ >+ #ifdef INET6 >+@@ -1814,14 +1813,8 @@ int HTDoConnect(const char *url, >+ * Get node name and optional port number. >+ */ >+ p1 = HTParse(url, "", PARSE_HOST); >+- if ((at_sign = StrChr(p1, '@')) != NULL) { >+- /* >+- * If there's an @ then use the stuff after it as a hostname. >+- */ >+- StrAllocCopy(host, (at_sign + 1)); >+- } else { >+ StrAllocCopy(host, p1); >+- } >++ strip_userid(host, FALSE); >+ FREE(p1); >+ >+ HTSprintf0(&line, "%s%s", WWW_FIND_MESSAGE, host); > >Property changes on: files/patch-WWW_Library_Implementation_HTTCP.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/patch-WWW_Library_Implementation_HTTP.c >=================================================================== >--- files/patch-WWW_Library_Implementation_HTTP.c (revision 0) >+++ files/patch-WWW_Library_Implementation_HTTP.c (working copy) >@@ -0,0 +1,39 @@ >+--- WWW/Library/Implementation/HTTP.c.orig 2017-02-06 11:42:42 UTC >++++ WWW/Library/Implementation/HTTP.c >+@@ -420,7 +420,7 @@ int ws_netread(int fd, char *buf, int le >+ /* >+ * Strip any username from the given string so we retain only the host. >+ */ >+-static void strip_userid(char *host) >++void strip_userid(char *host, int parse_only) >+ { >+ char *p1 = host; >+ char *p2 = StrChr(host, '@'); >+@@ -433,7 +433,8 @@ static void strip_userid(char *host) >+ >+ CTRACE((tfp, "parsed:%s\n", fake)); >+ HTSprintf0(&msg, gettext("Address contains a username: %s"), host); >+- HTAlert(msg); >++ if (msg !=0 && !parse_only) >++ HTAlert(msg); >+ FREE(msg); >+ } >+ while ((*p1++ = *p2++) != '\0') { >+@@ -721,7 +722,7 @@ static int HTLoadHTTP(const char *arg, >+ #elif SSLEAY_VERSION_NUMBER >= 0x0900 >+ #ifndef USE_NSS_COMPAT_INCL >+ if (!try_tls) { >+- handle->options |= SSL_OP_NO_TLSv1; >++ SSL_set_options(handle, SSL_OP_NO_TLSv1); >+ #if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) >+ } else { >+ int ret = (int) SSL_set_tlsext_host_name(handle, ssl_host); >+@@ -1075,7 +1076,7 @@ static int HTLoadHTTP(const char *arg, >+ char *host = NULL; >+ >+ if ((host = HTParse(anAnchor->address, "", PARSE_HOST)) != NULL) { >+- strip_userid(host); >++ strip_userid(host, TRUE); >+ HTBprintf(&command, "Host: %s%c%c", host, CR, LF); >+ FREE(host); >+ } > >Property changes on: files/patch-WWW_Library_Implementation_HTTP.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/patch-WWW_Library_Implementation_HTUtils.h >=================================================================== >--- files/patch-WWW_Library_Implementation_HTUtils.h (revision 0) >+++ files/patch-WWW_Library_Implementation_HTUtils.h (working copy) >@@ -0,0 +1,11 @@ >+--- WWW/Library/Implementation/HTUtils.h.orig 2014-02-05 00:50:18 UTC >++++ WWW/Library/Implementation/HTUtils.h >+@@ -801,6 +801,8 @@ extern "C" { >+ >+ extern FILE *TraceFP(void); >+ >++ extern void strip_userid(char *host, int warn); >++ >+ #ifdef USE_SSL >+ extern SSL *HTGetSSLHandle(void); >+ extern void HTSSLInitPRNG(void); > >Property changes on: files/patch-WWW_Library_Implementation_HTUtils.h >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/patch-makefile.in >=================================================================== >--- files/patch-makefile.in (revision 433476) >+++ files/patch-makefile.in (working copy) >@@ -1,5 +1,6 @@ >-Index: makefile.in >-@@ -433,7 +433,9 @@ >+--- makefile.in.orig 2014-03-09 21:43:10 UTC >++++ makefile.in >+@@ -413,7 +413,9 @@ install-help : $(CFG2HTML) help_files.se > else \ > cp $(srcdir)/lynx.cfg $(SYSCONFDIR)/lynx.tmp ; \ > fi' >@@ -10,7 +11,7 @@ > @ECHO_CC@sed -e '/^HELPFILE:http/s!^!#!' \ > -e '/^#HELPFILE:file/s!#!!' \ > $(SYSCONFDIR)/lynx.tmp | \ >-@@ -441,9 +443,11 @@ >+@@ -421,9 +423,11 @@ install-help : $(CFG2HTML) help_files.se > $(SHELL) $(scripts_dir)/cfg_path.sh lynx_doc $(helpdir) | \ > sed -e '/^HELPFILE:file/s!$$!$(COMPRESS_EXT)!' \ > -e '/^HELPFILE:file/s!$(COMPRESS_EXT)$(COMPRESS_EXT)$$!$(COMPRESS_EXT)!' \ >@@ -24,7 +25,7 @@ > > LYHelp.h : help_files.sed $(srcdir)/LYHelp.hin > @echo Creating $@ >-@@ -465,17 +469,17 @@ >+@@ -445,17 +449,17 @@ cfg_defs.h : $(scripts_dir)/cfg_defs.sh > $(SHELL) -c 'SHELL=$(SHELL) $(SHELL) $(scripts_dir)/cfg_defs.sh $(srcdir)' > > install-cfg : $(SYSCONFDIR) >Index: files/patch-src_LYCharSets.c >=================================================================== >--- files/patch-src_LYCharSets.c (revision 0) >+++ files/patch-src_LYCharSets.c (working copy) >@@ -0,0 +1,11 @@ >+--- src/LYCharSets.c.orig 2013-07-29 21:38:35 UTC >++++ src/LYCharSets.c >+@@ -872,7 +872,7 @@ const char *HTMLGetEntityName(UCode_t co >+ */ >+ UCode_t HTMLGetEntityUCValue(const char *name) >+ { >+-#include <entities.h> >++#include "chrtrans/entities.h" >+ >+ UCode_t value = 0; >+ size_t i, high, low; > >Property changes on: files/patch-src_LYCharSets.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: files/patch-src_LYUtils.c >=================================================================== >--- files/patch-src_LYUtils.c (revision 0) >+++ files/patch-src_LYUtils.c (working copy) >@@ -0,0 +1,10 @@ >+--- src/LYUtils.c.orig 2014-03-09 21:43:10 UTC >++++ src/LYUtils.c >+@@ -4693,6 +4693,7 @@ BOOLEAN LYExpandHostForURL(char **Alloca >+ * Do a DNS test on the potential host field as presently trimmed. - FM >+ */ >+ StrAllocCopy(host, Str); >++ strip_userid(host, FALSE); >+ HTUnEscape(host); >+ if (LYCursesON) { >+ StrAllocCopy(MsgStr, WWW_FIND_MESSAGE); > >Property changes on: files/patch-src_LYUtils.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=179673">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
pkubaj
:
maintainer-approval?
(jharris)
Actions:
View
|
Diff
Attachments on
bug 216785
:
179602
| 179673 |
179809