Hello community, here is the log from the commit of package openwsman for openSUSE:Factory checked in at 2014-03-21 13:52:17 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openwsman (Old) and /work/SRC/openSUSE:Factory/.openwsman.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openwsman" Changes: -------- --- /work/SRC/openSUSE:Factory/openwsman/openwsman.changes 2014-02-28 07:24:43.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.openwsman.new/openwsman.changes 2014-03-21 13:52:19.000000000 +0100 @@ -1,0 +2,15 @@ +Fri Mar 14 10:07:37 UTC 2014 - [email protected] + +- Update to 2.4.5 + - Features + - enforce SSL operation in systemd service + - Add /usr/sbin/rcopenwsman for systemd environments + - New environment variable 'OPENWSMAN_CURL_TRANSPORT_SSLVERSION' to + select SSL protocol version. Set it to 'tlsv1.2' for TLS-v1.2 + (anstein) + - Bugfixes + - Fix memory leaks in redirect plugin (Praveen K Paladugu) + - shttpd: Improve error reporting if SSL context fails + - Builds on Fedora 20 now + +------------------------------------------------------------------- Old: ---- openwsman-2.4.4.tar.bz2 openwsman_2.4.3-0ubuntu5~precise2~ppa1.debian.tar.gz openwsman_2.4.3.orig.tar.gz New: ---- openwsman-2.4.5.tar.bz2 openwsman_2.4.4-0ubuntu1.debian.tar.gz openwsman_2.4.4-0ubuntu1.dsc openwsman_2.4.4.orig.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openwsman.spec ++++++ --- /var/tmp/diff_new_pack.HV5ALu/_old 2014-03-21 13:52:20.000000000 +0100 +++ /var/tmp/diff_new_pack.HV5ALu/_new 2014-03-21 13:52:20.000000000 +0100 @@ -62,7 +62,7 @@ %endif %endif -%if 0%{?fedora} == 19 +%if 0%{?fedora} > 20 BuildRequires: rubypick %endif @@ -114,7 +114,7 @@ %endif Requires(pre): sed coreutils grep /bin/hostname -Version: 2.4.4 +Version: 2.4.5 Release: 0 # Mandriva: # Release %mkrel 1 @@ -213,8 +213,8 @@ %package ruby Requires: ruby -# RbConfig::CONFIG["ruby_version"] is empty in Fedora 19 !? -%if 0%{?fedora} == 19 +# RbConfig::CONFIG["ruby_version"] is empty in Fedora > 18 !? +%if 0%{?fedora} > 18 %{!?ruby_version: %global ruby_version %(ruby -r rbconfig -e 'print(RbConfig::CONFIG["RUBY_PROGRAM_VERSION"])')} %else %{!?ruby_version: %global ruby_version %(ruby -r rbconfig -e 'print(RbConfig::CONFIG["ruby_version"])')} @@ -339,7 +339,7 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/openwsman/authenticators/*.la [ -d $RPM_BUILD_ROOT%{ruby_sitelib} ] && rm -f $RPM_BUILD_ROOT%{ruby_sitelib}/openwsmanplugin.rb [ -d $RPM_BUILD_ROOT%{ruby_vendorlib} ] && rm -f $RPM_BUILD_ROOT%{ruby_vendorlib}/openwsmanplugin.rb -%if 0%{?suse_version} <= 1210 +%if 0%{?suse_version} <= 1220 mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/init.d install -m 755 build/etc/init/openwsmand.sh $RPM_BUILD_ROOT%{_sysconfdir}/init.d/openwsmand ln -sf %{_sysconfdir}/init.d/openwsmand $RPM_BUILD_ROOT%{_sbindir}/rcopenwsmand ++++++ openwsman-2.4.4.tar.bz2 -> openwsman-2.4.5.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.4/CMakeLists.txt new/openwsman-2.4.5/CMakeLists.txt --- old/openwsman-2.4.4/CMakeLists.txt 2014-02-13 12:15:37.000000000 +0100 +++ new/openwsman-2.4.5/CMakeLists.txt 2014-02-27 15:21:19.000000000 +0100 @@ -183,13 +183,17 @@ MESSAGE(STATUS "Building Python...") ENDIF (PYTHON_LINK_LIBS) ENDIF (PYTHON_LIBRARY) - IF(NOT PYTHON_INCLUDE_PATH ) + IF(NOT PYTHON_INCLUDE_DIRS ) + # fallback for older versions of cmake + SET(PYTHON_INCLUDE_DIRS PYTHON_INCLUDE_PATH) + ENDIF(NOT PYTHON_INCLUDE_DIRS ) + IF(NOT PYTHON_INCLUDE_DIRS ) IF(BUILD_PYTHON_EXPLICIT) NO_HEADERS_WARNING_EXPL(BUILD_PYTHON Python) ELSE(BUILD_PYTHON_EXPLICIT) NO_HEADERS_WARNING(BUILD_PYTHON Python) ENDIF(BUILD_PYTHON_EXPLICIT) - ENDIF(NOT PYTHON_INCLUDE_PATH ) + ENDIF(NOT PYTHON_INCLUDE_DIRS ) ENDIF( BUILD_PYTHON ) IF( BUILD_PERL ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.4/ChangeLog new/openwsman-2.4.5/ChangeLog --- old/openwsman-2.4.4/ChangeLog 2014-02-27 14:18:18.000000000 +0100 +++ new/openwsman-2.4.5/ChangeLog 2014-03-14 11:03:31.000000000 +0100 @@ -1,3 +1,15 @@ +2.4.5 +- Features + - enforce SSL operation in systemd service + - Add /usr/sbin/rcopenwsman for systemd environments + - New environment variable 'OPENWSMAN_CURL_TRANSPORT_SSLVERSION' to + select SSL protocol version. Set it to 'tlsv1.2' for TLS-v1.2 + (anstein) +- Bugfixes + - Fix memory leaks in redirect plugin (Praveen K Paladugu) + - shttpd: Improve error reporting if SSL context fails + - Builds on Fedora 20 now + 2.4.4 - Security update - ws_xml_make_default_prefix() can overflow buf parameter via sprintf() @@ -10,8 +22,12 @@ - Unchecked memory allocation in dictionary_new(), d, d->val, d->key, d->hash - Unchecked memory allocation in u_error_new(), *error - sighup_handler() in wsmand.c uses unsafe functions in a signal handler +- Features + - add rcopenwsman command to systemd environments + - add rcopenwsmand command for backwards compatibility - Bindings - support rdoc 2.1 in Ruby bindings + - cmake: use PYTHON_INCLUDE_DIRS 2.4.3 - Bugfixes diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.4/VERSION.cmake new/openwsman-2.4.5/VERSION.cmake --- old/openwsman-2.4.4/VERSION.cmake 2014-02-27 09:07:50.000000000 +0100 +++ new/openwsman-2.4.5/VERSION.cmake 2014-03-14 11:03:31.000000000 +0100 @@ -47,7 +47,7 @@ # Package version 2.4.4 SET(OPENWSMAN_MAJOR "2") SET(OPENWSMAN_MINOR "4") -SET(OPENWSMAN_PATCH "4") +SET(OPENWSMAN_PATCH "5") # Plugin API 2.2 SET(OPENWSMAN_PLUGIN_API_MAJOR "2") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.4/bindings/python/CMakeLists.txt new/openwsman-2.4.5/bindings/python/CMakeLists.txt --- old/openwsman-2.4.4/bindings/python/CMakeLists.txt 2012-02-06 12:36:44.000000000 +0100 +++ new/openwsman-2.4.5/bindings/python/CMakeLists.txt 2014-02-27 15:21:19.000000000 +0100 @@ -36,7 +36,7 @@ ADD_LIBRARY( pywsman SHARED ${pywsman_SRCS} ) SET_TARGET_PROPERTIES( pywsman PROPERTIES PREFIX "_" ) -INCLUDE_DIRECTORIES( ${PYTHON_INCLUDE_PATH} ) +INCLUDE_DIRECTORIES( ${PYTHON_INCLUDE_DIRS} ) INCLUDE_DIRECTORIES( ${CMAKE_CURRENT_BINARY_DIR} ) INCLUDE_DIRECTORIES( ${CMAKE_SOURCE_DIR} ${CMAKE_SOURCE_DIR}/bindings ${CMAKE_SOURCE_DIR}/include ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.4/bindings/ruby/openwsman.gemspec.in new/openwsman-2.4.5/bindings/ruby/openwsman.gemspec.in --- old/openwsman-2.4.4/bindings/ruby/openwsman.gemspec.in 2012-02-06 12:36:44.000000000 +0100 +++ new/openwsman-2.4.5/bindings/ruby/openwsman.gemspec.in 2014-02-27 16:47:10.000000000 +0100 @@ -6,7 +6,7 @@ s.platform = Gem::Platform::RUBY s.authors = ["Klaus Kämpf"] s.email = ["[email protected]"] - s.homepage = "http://www.github.com/openwsman/openwsman"; + s.homepage = "http://openwsman.github.io"; s.summary = "Ruby client bindings for Openwsman" s.description = "The openwsman gem provides a Ruby API to manage systems using the WS-Management protocol." diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.4/package/openwsman.service.in new/openwsman-2.4.5/package/openwsman.service.in --- old/openwsman-2.4.4/package/openwsman.service.in 2013-08-05 11:47:23.000000000 +0200 +++ new/openwsman-2.4.5/package/openwsman.service.in 2014-03-07 16:49:46.000000000 +0100 @@ -4,7 +4,7 @@ [Service] Type=forking -ExecStart=@prefix@/sbin/openwsmand +ExecStart=@prefix@/sbin/openwsmand -S [Install] WantedBy=multi-user.target diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.4/package/openwsman.spec.in new/openwsman-2.4.5/package/openwsman.spec.in --- old/openwsman-2.4.4/package/openwsman.spec.in 2013-12-11 16:25:15.000000000 +0100 +++ new/openwsman-2.4.5/package/openwsman.spec.in 2014-03-11 08:14:31.000000000 +0100 @@ -54,12 +54,15 @@ BuildRequires: pkgconfig BuildRequires: ruby +# RHEL6 is missing ruby-devel in OBS +%if 0%{?rhel_version} != 700 BuildRequires: ruby-devel %if 0%{?fedora} == 0 BuildRequires: ruby-rdoc %endif +%endif -%if 0%{?fedora} == 19 +%if 0%{?fedora} > 20 BuildRequires: rubypick %endif @@ -210,8 +213,8 @@ %package ruby Requires: ruby -# RbConfig::CONFIG["ruby_version"] is empty in Fedora 19 !? -%if 0%{?fedora} == 19 +# RbConfig::CONFIG["ruby_version"] is empty in Fedora > 18 !? +%if 0%{?fedora} > 18 %{!?ruby_version: %global ruby_version %(ruby -r rbconfig -e 'print(RbConfig::CONFIG["RUBY_PROGRAM_VERSION"])')} %else %{!?ruby_version: %global ruby_version %(ruby -r rbconfig -e 'print(RbConfig::CONFIG["ruby_version"])')} @@ -336,10 +339,14 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/openwsman/authenticators/*.la [ -d $RPM_BUILD_ROOT%{ruby_sitelib} ] && rm -f $RPM_BUILD_ROOT%{ruby_sitelib}/openwsmanplugin.rb [ -d $RPM_BUILD_ROOT%{ruby_vendorlib} ] && rm -f $RPM_BUILD_ROOT%{ruby_vendorlib}/openwsmanplugin.rb -%if 0%{?suse_version} <= 1210 +%if 0%{?suse_version} <= 1220 mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/init.d install -m 755 build/etc/init/openwsmand.sh $RPM_BUILD_ROOT%{_sysconfdir}/init.d/openwsmand ln -sf %{_sysconfdir}/init.d/openwsmand $RPM_BUILD_ROOT%{_sbindir}/rcopenwsmand +%else +# rcopenwsmand for systemd +ln -sf %{_sbindir}/service $RPM_BUILD_ROOT%{_sbindir}/rcopenwsman +ln -sf %{_sbindir}/rcopenwsman $RPM_BUILD_ROOT%{_sbindir}/rcopenwsmand %endif install -m 644 etc/openwsman.conf $RPM_BUILD_ROOT%{_sysconfdir}/openwsman install -m 644 etc/openwsman_client.conf $RPM_BUILD_ROOT%{_sysconfdir}/openwsman @@ -471,8 +478,11 @@ %endif %if 0%{?suse_version} <= 1210 %attr(0755,root,root) %{_sysconfdir}/init.d/openwsmand -%{_sbindir}/rcopenwsmand +%else +%{_sbindir}/rcopenwsman %endif +# backwards compatibility +%{_sbindir}/rcopenwsmand %dir %{_libdir}/openwsman %dir %{_libdir}/openwsman/authenticators %{_libdir}/openwsman/authenticators/*.so diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.4/src/lib/wsman-curl-client-transport.c new/openwsman-2.4.5/src/lib/wsman-curl-client-transport.c --- old/openwsman-2.4.4/src/lib/wsman-curl-client-transport.c 2013-08-05 11:47:23.000000000 +0200 +++ new/openwsman-2.4.5/src/lib/wsman-curl-client-transport.c 2014-03-07 16:53:59.000000000 +0100 @@ -268,6 +268,8 @@ { CURL *curl; CURLcode r = CURLE_OK; + char *sslhack; + long sslversion; #define curl_err(str) debug("Error = %d (%s); %s", \ r, curl_easy_strerror(r), str); curl = curl_easy_init(); @@ -376,7 +378,33 @@ goto DONE; } - + /* enforce specific ssl version if requested */ + sslhack = getenv("OPENWSMAN_CURL_TRANSPORT_SSLVERSION"); + if (sslhack == NULL) { + sslversion = CURL_SSLVERSION_DEFAULT; + } else if (!strcmp(sslhack,"tlsv1")) { + sslversion = CURL_SSLVERSION_TLSv1; + } else if (!strcmp(sslhack,"sslv2")) { + sslversion = CURL_SSLVERSION_SSLv2; + } else if (!strcmp(sslhack,"sslv3")) { + sslversion = CURL_SSLVERSION_SSLv3; +#if LIBCURL_VERSION_NUM >= 0x072200 + } else if (!strcmp(sslhack,"tlsv1.0")) { + sslversion = CURL_SSLVERSION_TLSv1_0; + } else if (!strcmp(sslhack,"tlsv1.1")) { + sslversion = CURL_SSLVERSION_TLSv1_1; + } else if (!strcmp(sslhack,"tlsv1.2")) { + sslversion = CURL_SSLVERSION_TLSv1_2; +#endif + } + else { + sslversion = CURL_SSLVERSION_DEFAULT; + } + r = curl_easy_setopt(curl, CURLOPT_SSLVERSION, sslversion ); + if (r != 0) { + curl_err("Could not curl_easy_setopt(curl, CURLOPT_SSLVERSION, ..)"); + goto DONE; + } return (void *)curl; DONE: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.4/src/plugins/redirect/redirect.c new/openwsman-2.4.5/src/plugins/redirect/redirect.c --- old/openwsman-2.4.4/src/plugins/redirect/redirect.c 2014-02-27 11:12:55.000000000 +0100 +++ new/openwsman-2.4.5/src/plugins/redirect/redirect.c 2014-03-14 11:03:31.000000000 +0100 @@ -39,7 +39,7 @@ }; -static struct __Redirect_Data *redirect_data; +static struct __Redirect_Data *redirect_data =NULL; SER_START_ITEMS(Redirect) SER_END_ITEMS(Redirect); @@ -65,7 +65,7 @@ int i; list_t *l = list_create(LISTCOUNT_T_MAX); - WsSupportedNamespaces *ns = (WsSupportedNamespaces *)u_malloc( + WsSupportedNamespaces *ns = (WsSupportedNamespaces *)u_zalloc( sizeof(WsSupportedNamespaces)); ns->class_prefix = NULL; @@ -96,16 +96,18 @@ int init( void *self, void **data ) { char* filename; - dictionary *ini, *inc_ini; + dictionary *ini=NULL, *inc_ini=NULL; filename = (char *) wsmand_options_get_config_file(); ini = iniparser_new(filename); + if (ini == NULL) { - error("redirect: iniparser_new failed"); + error("Redirect Plugin: iniparser_new failed"); return 0; } - redirect_data = malloc (sizeof(struct __Redirect_Data)); + + redirect_data = u_zalloc (sizeof(struct __Redirect_Data)); if (redirect_data == NULL){ - error("Failed while allocating memory for redirect_data"); + error("Redirect Plugin: Failed while allocating memory for redirect_data"); return 0; } @@ -130,7 +132,12 @@ error("Redirect Plugin: The required inputs are not provided in the config file"); return 0; } - + if (ini != NULL) + iniparser_free(ini); + + if (inc_ini != NULL) + iniparser_free (inc_ini); + return 1; } @@ -258,23 +265,23 @@ WsManClient* setup_redirect_client(WsContextH cntx, char *ws_username, char *ws_password) { - WsManClient *cl = malloc(sizeof(cl)); + WsManClient *cl = NULL; - if (cl == NULL){ - error("Error while allocating memory for client in redirect plugin"); - return NULL; - } - - cl = wsmc_create( get_remote_server() , get_remote_server_port() , get_remote_url_path(), get_remote_cainfo() ? "https" : "http", - get_remote_username() ? get_remote_username() : strdup(ws_username), - get_remote_password() ? get_remote_password() : strdup(ws_password) + /* wsmc_create duplicates the username/password passed, no need to duplicate again. */ + get_remote_username() ? get_remote_username() : ws_username, + get_remote_password() ? get_remote_password() : ws_password ); + if (cl == NULL){ + error("Redirect Plugin: Error while creating the client for redirection"); + return NULL; + } + wsman_transport_set_auth_method(cl, get_remote_authentication_method()); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.4/src/plugins/redirect/redirect_stubs.c new/openwsman-2.4.5/src/plugins/redirect/redirect_stubs.c --- old/openwsman-2.4.4/src/plugins/redirect/redirect_stubs.c 2013-08-05 11:47:23.000000000 +0200 +++ new/openwsman-2.4.5/src/plugins/redirect/redirect_stubs.c 2014-03-14 11:03:31.000000000 +0100 @@ -122,7 +122,7 @@ WsXmlNodeH r_header=NULL, r_node=NULL, r_body=NULL, r_opt=NULL; WsXmlDocH r_response=NULL; - char *resource_uri, *remote_enumContext; + char *resource_uri, *remote_enumContext=NULL; int op; WsManClient *cl=NULL; @@ -161,7 +161,7 @@ - r_response = ws_xml_duplicate_doc(wsmc_build_envelope_from_response(cl)); + r_response = wsmc_build_envelope_from_response(cl); if ( wsman_is_fault_envelope(r_response)){ @@ -209,7 +209,8 @@ } wsmc_release(cl); - + if (remote_enumContext != NULL) + free(remote_enumContext); return 0; @@ -265,7 +266,7 @@ } - response = ws_xml_duplicate_doc(wsmc_build_envelope_from_response(cl)); + response = wsmc_build_envelope_from_response(cl); if ( ! wsman_is_fault_envelope(response) ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.4/src/plugins/swig/python/CMakeLists.txt new/openwsman-2.4.5/src/plugins/swig/python/CMakeLists.txt --- old/openwsman-2.4.4/src/plugins/swig/python/CMakeLists.txt 2010-09-29 15:17:53.000000000 +0200 +++ new/openwsman-2.4.5/src/plugins/swig/python/CMakeLists.txt 2014-02-27 15:21:19.000000000 +0100 @@ -16,7 +16,7 @@ ENDIF (NOT PYTHON_SITE_DIR) MESSAGE(STATUS "Python executable: ${PYTHON_EXECUTABLE}") -MESSAGE(STATUS "Python inc dir: ${PYTHON_INCLUDE_PATH}") +MESSAGE(STATUS "Python inc dir: ${PYTHON_INCLUDE_DIRS}") MESSAGE(STATUS "Python lib dir: ${PYTHON_LIB_DIR}") #MESSAGE(STATUS "Python libraries: ${PYTHON_LIBRARIES}") MESSAGE(STATUS "Python site dir: ${PYTHON_SITE_DIR}") @@ -43,7 +43,7 @@ INCLUDE_DIRECTORIES( ${CMAKE_BINARY_DIR} ) # all other wsman includes INCLUDE_DIRECTORIES( ${CMAKE_SOURCE_DIR}/include ) -INCLUDE_DIRECTORIES( ${PYTHON_INCLUDE_PATH} ) +INCLUDE_DIRECTORIES( ${PYTHON_INCLUDE_DIRS} ) # # wsman_python_plugin.so diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.4/src/server/shttpd/config.c new/openwsman-2.4.5/src/server/shttpd/config.c --- old/openwsman-2.4.4/src/server/shttpd/config.c 2012-02-06 12:36:44.000000000 +0100 +++ new/openwsman-2.4.5/src/server/shttpd/config.c 2014-03-07 16:49:46.000000000 +0100 @@ -91,12 +91,19 @@ arg = NULL; /* Unused */ /* Load SSL library dynamically */ - if ((lib = dlopen(SSL_LIB, RTLD_LAZY)) == NULL) + if ((lib = dlopen(SSL_LIB, RTLD_LAZY)) == NULL) { elog(E_FATAL, NULL, "set_ssl: cannot load %s", SSL_LIB); + ctx->ssl_ctx = NULL; + return; + } - for (fp = ssl_sw; fp->name != NULL; fp++) - if ((fp->ptr.v_void = dlsym(lib, fp->name)) == NULL) - elog(E_FATAL, NULL,"set_ssl: cannot find %s", fp->name); + for (fp = ssl_sw; fp->name != NULL; fp++) { + if ((fp->ptr.v_void = dlsym(lib, fp->name)) == NULL) { + elog(E_FATAL, NULL,"set_ssl: cannot find %s", fp->name); + ctx->ssl_ctx = NULL; + return; + } + } /* Initialize SSL crap */ static int ssl_library_initialized = 0; @@ -105,12 +112,19 @@ SSL_library_init(); ssl_library_initialized = 1; } - if ((CTX = SSL_CTX_new(SSLv23_server_method())) == NULL) + if ((CTX = SSL_CTX_new(SSLv23_server_method())) == NULL) { elog(E_FATAL, NULL, "SSL_CTX_new error"); - else if (wsmand_options_get_ssl_cert_file() && SSL_CTX_use_certificate_file(CTX, wsmand_options_get_ssl_cert_file(),SSL_FILETYPE_PEM) == 0) + } + else if (wsmand_options_get_ssl_cert_file() && SSL_CTX_use_certificate_file(CTX, wsmand_options_get_ssl_cert_file(),SSL_FILETYPE_PEM) == 0) { elog(E_FATAL, NULL, "cannot open %s : %s", pem, strerror(errno)); - else if (wsmand_options_get_ssl_key_file() && SSL_CTX_use_PrivateKey_file(CTX, wsmand_options_get_ssl_key_file(), SSL_FILETYPE_PEM) == 0) + SSL_CTX_free(CTX); + CTX = NULL; + } + else if (wsmand_options_get_ssl_key_file() && SSL_CTX_use_PrivateKey_file(CTX, wsmand_options_get_ssl_key_file(), SSL_FILETYPE_PEM) == 0) { elog(E_FATAL, NULL, "cannot open %s : %s", pem, strerror(errno)); + SSL_CTX_free(CTX); + CTX = NULL; + } ctx->ssl_ctx = CTX; } #endif /* NO_SSL */ ++++++ openwsman.service ++++++ --- /var/tmp/diff_new_pack.HV5ALu/_old 2014-03-21 13:52:21.000000000 +0100 +++ /var/tmp/diff_new_pack.HV5ALu/_new 2014-03-21 13:52:21.000000000 +0100 @@ -4,7 +4,7 @@ [Service] Type=forking -ExecStart=/usr/sbin/openwsmand +ExecStart=/usr/sbin/openwsmand -S [Install] WantedBy=multi-user.target ++++++ openwsman_2.4.3-0ubuntu5~precise2~ppa1.debian.tar.gz -> openwsman_2.4.4-0ubuntu1.debian.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/debian/changelog new/debian/changelog --- old/debian/changelog 2014-02-21 18:36:54.000000000 +0100 +++ new/debian/changelog 2014-03-07 15:41:26.000000000 +0100 @@ -1,8 +1,25 @@ -openwsman (2.4.3-0ubuntu5~precise2~ppa1) precise; urgency=low +openwsman (2.4.4-0ubuntu1) trusty; urgency=low - * No-change backport to precise + * New upstream release. + * Security related fixes: + * ws_xml_make_default_prefix() can overflow buf parameter via sprintf() + * ws_xml_make_default_prefix() can overflow buf parameter via sprintf() + * wsmc_create_request() potential buf[20] overflow via WSMAN_ACTION_RENEW + * LocalSubscriptionOpUpdate() unchecked fopen() + * Incorrect order of sanity guards in wsman_get_fault_status_from_doc() + * Unchecked memory allocation in wsman_init_plugins(), p->ifc + * Unchecked memory allocation in mem_double(), newptr + * Unchecked memory allocation in dictionary_new(), d, d->val, d->key, d->hash + * Unchecked memory allocation in u_error_new(), *error + * sighup_handler() in wsmand.c uses unsafe functions in a signal handler + * Features: + * add rcopenwsman command to systemd environments + * add rcopenwsmand command for backwards compatibility + * Bindings: + * support rdoc 2.1 in Ruby bindings + * cmake: use PYTHON_INCLUDE_DIRS - -- Kent Baxley <[email protected]> Fri, 21 Feb 2014 11:36:39 -0600 + -- Kent Baxley <[email protected]> Fri, 07 Mar 2014 08:37:38 -0600 openwsman (2.4.3-0ubuntu4) trusty; urgency=low diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/debian/patches/cmake-python-includes.patch new/debian/patches/cmake-python-includes.patch --- old/debian/patches/cmake-python-includes.patch 2013-01-09 15:13:38.000000000 +0100 +++ new/debian/patches/cmake-python-includes.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,22 +0,0 @@ -Description: Use all python include directories - PYTHON_INCLUDE_PATH seems deprecated anyway and when compiling the - C wrapper it needs the 64bit specific second include directory to - find pyconfig.h -Forwarded: pending -Origin: vendor, while importing a new upstream version -Author: Stefan Bader <[email protected]> -Last-Update: 2013-01-09 - -Index: openwsman-2.3.6/bindings/python/CMakeLists.txt -=================================================================== ---- openwsman-2.3.6.orig/bindings/python/CMakeLists.txt 2013-01-09 15:12:41.319560389 +0100 -+++ openwsman-2.3.6/bindings/python/CMakeLists.txt 2013-01-09 15:13:07.727689493 +0100 -@@ -36,7 +36,7 @@ SET(pywsman_SRCS ${SWIG_OUTPUT} ${CMAKE_ - ADD_LIBRARY( pywsman SHARED ${pywsman_SRCS} ) - SET_TARGET_PROPERTIES( pywsman PROPERTIES PREFIX "_" ) - --INCLUDE_DIRECTORIES( ${PYTHON_INCLUDE_PATH} ) -+INCLUDE_DIRECTORIES( ${PYTHON_INCLUDE_DIRS} ) - INCLUDE_DIRECTORIES( ${CMAKE_CURRENT_BINARY_DIR} ) - INCLUDE_DIRECTORIES( ${CMAKE_SOURCE_DIR} ${CMAKE_SOURCE_DIR}/bindings ${CMAKE_SOURCE_DIR}/include ) - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/debian/patches/series new/debian/patches/series --- old/debian/patches/series 2014-01-13 23:07:12.000000000 +0100 +++ new/debian/patches/series 1970-01-01 01:00:00.000000000 +0100 @@ -1 +0,0 @@ -cmake-python-includes.patch ++++++ openwsman_2.4.4-0ubuntu1.dsc ++++++ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 3.0 (quilt) Source: openwsman Binary: openwsman, libwsman-server1, libopenwsman1, libwsman1, libwsman-client2, libwsman-curl-client-transport1, libopenwsman-dev, libwsman-clientpp1, libwsman-clientpp-dev, python-openwsman Architecture: any all Version: 2.4.4-0ubuntu1 Maintainer: Ubuntu Developers <[email protected]> Homepage: http://sourceforge.net/projects/openwsman/ Standards-Version: 3.9.5 Build-Depends: debhelper (>= 9.0.0), cmake (>= 2.8.5), libssl-dev, libpam0g-dev, libxml2-dev, libcurl4-openssl-dev, libcimcclient0-dev, swig, python-dev Package-List: libopenwsman-dev deb libdevel extra libopenwsman1 deb oldlibs extra libwsman-client2 deb admin extra libwsman-clientpp-dev deb libdevel extra libwsman-clientpp1 deb admin extra libwsman-curl-client-transport1 deb admin extra libwsman-server1 deb admin extra libwsman1 deb admin extra openwsman deb admin extra python-openwsman deb python extra Checksums-Sha1: d26e75c277544cdb1d34f31c31aae3911529e53d 490064 openwsman_2.4.4.orig.tar.gz 15c778547ba515f59ee2f5ef7a8d419b0adb12a2 5094 openwsman_2.4.4-0ubuntu1.debian.tar.gz Checksums-Sha256: 7300f1b48a46476907b628c960ea6ae14a1e03e4d2471b8edb007b86c27f9d80 490064 openwsman_2.4.4.orig.tar.gz 89aaa3ba420328bc3250e07140387137ff6a96eed6b9ad41e9d0fe084d6257fc 5094 openwsman_2.4.4-0ubuntu1.debian.tar.gz Files: 8ecfa57f62ba81dbb20a08cb2c2cd6b5 490064 openwsman_2.4.4.orig.tar.gz d3dc93b36abfca2973643a14e6f1a975 5094 openwsman_2.4.4-0ubuntu1.debian.tar.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJTGdxiAAoJEB+62MwwnAYStJQH/0zrbd7bcU/83W5mPpU5PgN6 g/NY2GpH9D2yHAlt7EYzImWNmv1+bynslTEjfMB1fL+6S69XlHLX1AFbAX6UeI0F CYGNhWxHSoVNyXjn4N9XLlgB3x11lVUX22Kremf+3h53YlRjxPLoS8hskW9zrxuQ 6uEx7l7iJqZfaBiULc4/sG9foCXJQ1IBOFbr30cFqfEMfHB/TKGJ7MU7BKiHeKdJ /BWqjNDQXf3ttaWj0Rg4G5xbhyvOG/fiEkILdaV9INDK1EmVJXzjBjwkbM8hQwgm T+K4Y2DFWc+4/8efxFIUMzs0EVrHygkua7SH34ozFuQW5QdpcUGmRtfdEDULvSk= =AR93 -----END PGP SIGNATURE----- ++++++ openwsman_2.4.3.orig.tar.gz -> openwsman_2.4.4.orig.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/CMakeLists.txt new/openwsman-2.4.4/CMakeLists.txt --- old/openwsman-2.4.3/CMakeLists.txt 2013-12-23 11:47:33.000000000 +0100 +++ new/openwsman-2.4.4/CMakeLists.txt 2014-02-27 15:22:01.000000000 +0100 @@ -183,13 +183,17 @@ MESSAGE(STATUS "Building Python...") ENDIF (PYTHON_LINK_LIBS) ENDIF (PYTHON_LIBRARY) - IF(NOT PYTHON_INCLUDE_PATH ) + IF(NOT PYTHON_INCLUDE_DIRS ) + # fallback for older versions of cmake + SET(PYTHON_INCLUDE_DIRS PYTHON_INCLUDE_PATH) + ENDIF(NOT PYTHON_INCLUDE_DIRS ) + IF(NOT PYTHON_INCLUDE_DIRS ) IF(BUILD_PYTHON_EXPLICIT) NO_HEADERS_WARNING_EXPL(BUILD_PYTHON Python) ELSE(BUILD_PYTHON_EXPLICIT) NO_HEADERS_WARNING(BUILD_PYTHON Python) ENDIF(BUILD_PYTHON_EXPLICIT) - ENDIF(NOT PYTHON_INCLUDE_PATH ) + ENDIF(NOT PYTHON_INCLUDE_DIRS ) ENDIF( BUILD_PYTHON ) IF( BUILD_PERL ) @@ -258,6 +262,12 @@ MESSAGE( FATAL_ERROR " curl not found" ) ELSE ( NOT CURL_FOUND) INCLUDE_DIRECTORIES(${CURL_INCLUDE_DIR}) + IF(CURL_VERSION_STRING) + STRING(COMPARE LESS ${CURL_VERSION_STRING} "7.12.0" result) + IF(result LESS 0) + MESSAGE( FATAL_ERROR " curl version ${CURL_VERSION_STRING} is too low, need 7.12.0 or greater" ) + ENDIF(result LESS 0) + ENDIF(CURL_VERSION_STRING) ENDIF( NOT CURL_FOUND) # xml2 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/ChangeLog new/openwsman-2.4.4/ChangeLog --- old/openwsman-2.4.3/ChangeLog 2013-12-23 11:47:33.000000000 +0100 +++ new/openwsman-2.4.4/ChangeLog 2014-02-27 15:22:01.000000000 +0100 @@ -1,3 +1,22 @@ +2.4.4 +- Security update + - ws_xml_make_default_prefix() can overflow buf parameter via sprintf() + - ws_xml_make_default_prefix() can overflow buf parameter via sprintf() + - wsmc_create_request() potential buf[20] overflow via WSMAN_ACTION_RENEW + - LocalSubscriptionOpUpdate() unchecked fopen() + - Incorrect order of sanity guards in wsman_get_fault_status_from_doc() + - Unchecked memory allocation in wsman_init_plugins(), p->ifc + - Unchecked memory allocation in mem_double(), newptr + - Unchecked memory allocation in dictionary_new(), d, d->val, d->key, d->hash + - Unchecked memory allocation in u_error_new(), *error + - sighup_handler() in wsmand.c uses unsafe functions in a signal handler +- Features + - add rcopenwsman command to systemd environments + - add rcopenwsmand command for backwards compatibility +- Bindings + - support rdoc 2.1 in Ruby bindings + - cmake: use PYTHON_INCLUDE_DIRS + 2.4.3 - Bugfixes - Fix bindings for Java 1.5 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/VERSION.cmake new/openwsman-2.4.4/VERSION.cmake --- old/openwsman-2.4.3/VERSION.cmake 2013-12-23 11:47:33.000000000 +0100 +++ new/openwsman-2.4.4/VERSION.cmake 2014-02-27 15:22:01.000000000 +0100 @@ -44,10 +44,10 @@ # set COMPATMINOR to MINOR. (binary incompatible change) # -# Package version 2.4.3 +# Package version 2.4.4 SET(OPENWSMAN_MAJOR "2") SET(OPENWSMAN_MINOR "4") -SET(OPENWSMAN_PATCH "3") +SET(OPENWSMAN_PATCH "4") # Plugin API 2.2 SET(OPENWSMAN_PLUGIN_API_MAJOR "2") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/bindings/python/CMakeLists.txt new/openwsman-2.4.4/bindings/python/CMakeLists.txt --- old/openwsman-2.4.3/bindings/python/CMakeLists.txt 2013-12-23 11:47:33.000000000 +0100 +++ new/openwsman-2.4.4/bindings/python/CMakeLists.txt 2014-02-27 15:22:01.000000000 +0100 @@ -36,7 +36,7 @@ ADD_LIBRARY( pywsman SHARED ${pywsman_SRCS} ) SET_TARGET_PROPERTIES( pywsman PROPERTIES PREFIX "_" ) -INCLUDE_DIRECTORIES( ${PYTHON_INCLUDE_PATH} ) +INCLUDE_DIRECTORIES( ${PYTHON_INCLUDE_DIRS} ) INCLUDE_DIRECTORIES( ${CMAKE_CURRENT_BINARY_DIR} ) INCLUDE_DIRECTORIES( ${CMAKE_SOURCE_DIR} ${CMAKE_SOURCE_DIR}/bindings ${CMAKE_SOURCE_DIR}/include ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/bindings/ruby/README.rdoc new/openwsman-2.4.4/bindings/ruby/README.rdoc --- old/openwsman-2.4.3/bindings/ruby/README.rdoc 2013-12-23 11:47:33.000000000 +0100 +++ new/openwsman-2.4.4/bindings/ruby/README.rdoc 2014-02-27 15:22:01.000000000 +0100 @@ -2,9 +2,9 @@ home :: http://openwsman.github.io wiki :: https://github.com/Openwsman/openwsman/wiki -mailing list :: [email protected] +mailing list :: mailto:[email protected] source :: https://github.com/Openwsman/openwsman -rdoc :: http://www.suse.de/~kkaempf/openwsman +rdoc :: http://openwsman.github.io/rdoc bugs :: https://github.com/Openwsman/openwsman/issues code climate :: {<img src="https://codeclimate.com/github/Openwsman/openwsman.png";>}[https://codeclimate.com/github/Openwsman/openwsman] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/bindings/ruby/rdoc1_9.rb new/openwsman-2.4.4/bindings/ruby/rdoc1_9.rb --- old/openwsman-2.4.3/bindings/ruby/rdoc1_9.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/openwsman-2.4.4/bindings/ruby/rdoc1_9.rb 2014-03-21 13:52:21.000000000 +0100 @@ -0,0 +1 @@ +symbolic link to /usr/bin/rdoc diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/bindings/ruby/rdoc2.1 new/openwsman-2.4.4/bindings/ruby/rdoc2.1 --- old/openwsman-2.4.3/bindings/ruby/rdoc2.1 1970-01-01 01:00:00.000000000 +0100 +++ new/openwsman-2.4.4/bindings/ruby/rdoc2.1 2014-02-27 15:22:01.000000000 +0100 @@ -0,0 +1,10 @@ +#!/usr/bin/env ruby +require 'rdoc' + +require 'rdoc/encoding' +require 'rdoc/parser' + +# Simple must come first +require 'rdoc/parser/simple' +require File.join(File.dirname(__FILE__),'rdoc_parser_swig') +require File.join(File.dirname(__FILE__),'rdoc2_1') diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/bindings/ruby/rdoc2_0.rb new/openwsman-2.4.4/bindings/ruby/rdoc2_0.rb --- old/openwsman-2.4.3/bindings/ruby/rdoc2_0.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/openwsman-2.4.4/bindings/ruby/rdoc2_0.rb 2014-03-21 13:52:21.000000000 +0100 @@ -0,0 +1 @@ +symbolic link to /usr/bin/rdoc diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/bindings/ruby/rdoc2_1.rb new/openwsman-2.4.4/bindings/ruby/rdoc2_1.rb --- old/openwsman-2.4.3/bindings/ruby/rdoc2_1.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/openwsman-2.4.4/bindings/ruby/rdoc2_1.rb 2014-03-21 13:52:21.000000000 +0100 @@ -0,0 +1 @@ +symbolic link to /usr/bin/rdoc diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/configure.in new/openwsman-2.4.4/configure.in --- old/openwsman-2.4.3/configure.in 2013-12-23 11:47:33.000000000 +0100 +++ new/openwsman-2.4.4/configure.in 2014-02-27 15:22:01.000000000 +0100 @@ -3,7 +3,7 @@ dnl ******************************************* AC_PREREQ(2.53) -AC_INIT(openwsman, 2.3.7) +AC_INIT(openwsman, 2.4.4) AC_CONFIG_SRCDIR(src/server/wsmand.c) AC_CANONICAL_HOST AC_CONFIG_MACRO_DIR([m4]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/package/openwsman.spec.in new/openwsman-2.4.4/package/openwsman.spec.in --- old/openwsman-2.4.3/package/openwsman.spec.in 2013-12-23 11:47:33.000000000 +0100 +++ new/openwsman-2.4.4/package/openwsman.spec.in 2014-02-27 15:22:01.000000000 +0100 @@ -54,10 +54,13 @@ BuildRequires: pkgconfig BuildRequires: ruby +# RHEL6 is missing ruby-devel in OBS +%if 0%{?rhel_version} != 700 BuildRequires: ruby-devel %if 0%{?fedora} == 0 BuildRequires: ruby-rdoc %endif +%endif %if 0%{?fedora} == 19 BuildRequires: rubypick @@ -340,6 +343,10 @@ mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/init.d install -m 755 build/etc/init/openwsmand.sh $RPM_BUILD_ROOT%{_sysconfdir}/init.d/openwsmand ln -sf %{_sysconfdir}/init.d/openwsmand $RPM_BUILD_ROOT%{_sbindir}/rcopenwsmand +%else +# rcopenwsmand for systemd +ln -sf %{_sbindir}/service $RPM_BUILD_ROOT%{_sbindir}/rcopenwsman +ln -sf %{_sbindir}/rcopenwsman $RPM_BUILD_ROOT%{_sbindir}/rcopenwsmand %endif install -m 644 etc/openwsman.conf $RPM_BUILD_ROOT%{_sysconfdir}/openwsman install -m 644 etc/openwsman_client.conf $RPM_BUILD_ROOT%{_sysconfdir}/openwsman @@ -471,8 +478,11 @@ %endif %if 0%{?suse_version} <= 1210 %attr(0755,root,root) %{_sysconfdir}/init.d/openwsmand -%{_sbindir}/rcopenwsmand +%else +%{_sbindir}/rcopenwsman %endif +# backwards compatibility +%{_sbindir}/rcopenwsmand %dir %{_libdir}/openwsman %dir %{_libdir}/openwsman/authenticators %{_libdir}/openwsman/authenticators/*.so diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/src/lib/u/iniparser.c new/openwsman-2.4.4/src/lib/u/iniparser.c --- old/openwsman-2.4.3/src/lib/u/iniparser.c 2013-12-23 11:47:33.000000000 +0100 +++ new/openwsman-2.4.4/src/lib/u/iniparser.c 2014-02-27 15:22:01.000000000 +0100 @@ -152,6 +152,10 @@ void *newptr; newptr = calloc(2*size, 1); + if (newptr == NULL) { + fprintf(stderr, "mem_double: allocation failed\n"); + return NULL; + } memcpy(newptr, ptr, size); free(ptr); return newptr ; @@ -214,11 +218,16 @@ if (size<DICTMINSZ) size=DICTMINSZ ; d = (dictionary *)calloc(1, sizeof(dictionary)); - d->size = size ; - d->val = (char **)calloc(size, sizeof(char*)); - d->key = (char **)calloc(size, sizeof(char*)); - d->hash = (unsigned int *)calloc(size, sizeof(unsigned)); - + if (d != NULL) { + d->size = size ; + d->val = (char **)calloc(size, sizeof(char*)); + d->key = (char **)calloc(size, sizeof(char*)); + d->hash = (unsigned int *)calloc(size, sizeof(unsigned)); + } + if ((d == NULL) || (d->val == NULL) || (d->key == NULL) || (d->hash == NULL)) { + fprintf(stderr, "dictionary_new: memory allocation failure\n"); + d = NULL; + } return d; } @@ -346,8 +355,14 @@ /* Reached maximum size: reallocate blackboard */ d->val = (char **)mem_double(d->val, d->size * sizeof(char*)) ; + if (d->val == NULL) + exit(1); d->key = (char **)mem_double(d->key, d->size * sizeof(char*)) ; + if (d->key == NULL) + exit(1); d->hash = (unsigned int *)mem_double(d->hash, d->size * sizeof(unsigned)) ; + if (d->hash == NULL) + exit(1); /* Double size */ d->size *= 2 ; @@ -874,6 +889,8 @@ * Initialize a new dictionary entry */ d = dictionary_new(0); + if (d == NULL) + return d; lineno = 0 ; while (fgets(lin, ASCIILINESZ, ini)!=NULL) { lineno++ ; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/src/lib/u/uerr.c new/openwsman-2.4.4/src/lib/u/uerr.c --- old/openwsman-2.4.3/src/lib/u/uerr.c 2013-12-23 11:47:33.000000000 +0100 +++ new/openwsman-2.4.4/src/lib/u/uerr.c 2014-02-27 15:22:01.000000000 +0100 @@ -44,6 +44,10 @@ return; *error = u_malloc(sizeof(u_error_t)); + if (*error == NULL) { + fprintf(stderr, "u_error_new: memory allocation failure\n"); + return; + } (*error)->code = code; va_start(args, format); (*error)->message = u_strdup_vprintf(format, args); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/src/lib/wsman-client.c new/openwsman-2.4.4/src/lib/wsman-client.c --- old/openwsman-2.4.3/src/lib/wsman-client.c 2013-12-23 11:47:33.000000000 +0100 +++ new/openwsman-2.4.4/src/lib/wsman-client.c 2014-02-27 15:22:01.000000000 +0100 @@ -855,7 +855,6 @@ WsXmlNodeH header; WsXmlNodeH node; char *_action = NULL; - char buf[20]; if (action == WSMAN_ACTION_IDENTIFY) { request = ws_xml_create_envelope(); } else { @@ -964,14 +963,18 @@ } break; case WSMAN_ACTION_RENEW: + { + char buf[20]; node = ws_xml_add_child(body, XML_NS_EVENTING, WSEVENT_RENEW, NULL); - sprintf(buf, "PT%fS", options->expires); + /* %f default precision is 6 -> [-]ddd.ddd */ + snprintf(buf, 20, "PT%fS", options->expires); ws_xml_add_child(node, XML_NS_EVENTING, WSEVENT_EXPIRES, buf); if(data) { if(((char *)data)[0] != 0) add_subscription_context(ws_xml_get_soap_header(request), (char *)data); } + } break; case WSMAN_ACTION_NONE: case WSMAN_ACTION_TRANSFER_CREATE: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/src/lib/wsman-faults.c new/openwsman-2.4.4/src/lib/wsman-faults.c --- old/openwsman-2.4.3/src/lib/wsman-faults.c 2013-12-23 11:47:33.000000000 +0100 +++ new/openwsman-2.4.4/src/lib/wsman-faults.c 2014-02-27 15:22:01.000000000 +0100 @@ -607,22 +607,37 @@ wsman_get_fault_status_from_doc (WsXmlDocH doc, WsmanStatus *status) { int i; - char *subcode_value=ws_xml_get_xpath_value(doc, FAULT_SUBCODE_VALUE_XPATH); - char *subcode_value_msg =calloc(1,strlen(subcode_value)); - char *start_pos = strchr(subcode_value,':'); - strcpy(subcode_value_msg, start_pos+1); - if (strlen(subcode_value)== 0 ) return ; + char *subcode_value = ws_xml_get_xpath_value(doc, FAULT_SUBCODE_VALUE_XPATH); + char *subcode_value_msg; + char *start_pos; + + if (strlen(subcode_value) == 0) + return; + + subcode_value_msg = calloc(1, strlen(subcode_value)); + if (subcode_value_msg == NULL) { + error("Out of memory"); + status->fault_code = WSMAN_INTERNAL_ERROR; + /* some default values */ + status->fault_detail_code = OWSMAN_SYSTEM_ERROR; + status->fault_msg = NULL; + return; + } + + start_pos = strchr(subcode_value, ':'); + if (start_pos != NULL) { + strcpy(subcode_value_msg, start_pos+1); - int nfaults = sizeof (fault_code_table) / sizeof (fault_code_table[0]); - for (i = 0; i < nfaults; i++) { - if (strcmp (subcode_value_msg , fault_code_table[i].subCode) == 0) { - status->fault_code = fault_code_table[i].fault_code; - //some default values - status->fault_detail_code = 0; - status->fault_msg='\0'; - return; + int nfaults = sizeof (fault_code_table) / sizeof (fault_code_table[0]); + for (i = 0; i < nfaults; i++) { + if (strcmp (subcode_value_msg , fault_code_table[i].subCode) == 0) { + status->fault_code = fault_code_table[i].fault_code; + /* some default values */ + status->fault_detail_code = 0; + status->fault_msg = NULL; + return; + } } - } return; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/src/lib/wsman-server.c new/openwsman-2.4.4/src/lib/wsman-server.c --- old/openwsman-2.4.3/src/lib/wsman-server.c 2013-12-23 11:47:33.000000000 +0100 +++ new/openwsman-2.4.4/src/lib/wsman-server.c 2014-02-27 15:22:01.000000000 +0100 @@ -102,6 +102,10 @@ p->ifc = (WsDispatchInterfaceInfo *) malloc(sizeof(WsDispatchInterfaceInfo)); + if (p->ifc == NULL) { + error("Memory allocation error while loading plugin"); + return NULL; + } ifcinfo = p->ifc; ifcinfo->extraData = p->data; p->set_config = dlsym(p->p_handle, "set_config"); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/src/lib/wsman-subscription-repository.c new/openwsman-2.4.4/src/lib/wsman-subscription-repository.c --- old/openwsman-2.4.3/src/lib/wsman-subscription-repository.c 2013-12-23 11:47:33.000000000 +0100 +++ new/openwsman-2.4.4/src/lib/wsman-subscription-repository.c 2014-02-27 15:22:01.000000000 +0100 @@ -49,16 +49,25 @@ #include "wsman-xml-binding.h" int LocalSubscriptionOpInit (char * uri_repository, void *opaqueData); -int LocalSubscriptionOpFinalize(char * uri_repository, void *opaqueData); -int LocalSubscriptionOpGet(char * uri_repository, char * uuid, unsigned char **subscriptionDoc, int *len); -int LocalSubscriptionOpSearch(char * uri_repository, char * uuid); +int LocalSubscriptionOpFinalize (char * uri_repository, void *opaqueData); +int LocalSubscriptionOpGet (char * uri_repository, char * uuid, unsigned char **subscriptionDoc, int *len); +int LocalSubscriptionOpSearch (char * uri_repository, char * uuid); int LocalSubscriptionOpLoad (char * uri_repository, list_t * subscription_list); int LocalSubscriptionOpSave (char * uri_repository, char * uuid, unsigned char *subscriptionDoc); -int LocalSubscriptionOpUpdate(char * uri_repository, char * uuid, char *expire); +int LocalSubscriptionOpUpdate (char * uri_repository, char * uuid, char *expire); int LocalSubscriptionOpDelete (char * uri_repository, char * uuid); -struct __SubsRepositoryOpSet subscription_repository_op_set = {LocalSubscriptionOpInit, LocalSubscriptionOpFinalize, LocalSubscriptionOpLoad, LocalSubscriptionOpGet, LocalSubscriptionOpSearch, LocalSubscriptionOpSave, LocalSubscriptionOpUpdate, LocalSubscriptionOpDelete}; +struct __SubsRepositoryOpSet subscription_repository_op_set = { + LocalSubscriptionOpInit, + LocalSubscriptionOpFinalize, + LocalSubscriptionOpLoad, + LocalSubscriptionOpGet, + LocalSubscriptionOpSearch, + LocalSubscriptionOpSave, + LocalSubscriptionOpUpdate, + LocalSubscriptionOpDelete +}; static int LocalSubscriptionInitFlag = 0; @@ -76,8 +85,7 @@ int LocalSubscriptionOpFinalize(char * uri_repository, void *opaqueData) { - if(LocalSubscriptionInitFlag == 0) return -1; - return 0; + return (LocalSubscriptionInitFlag == 0) ? -1 : 0; } int LocalSubscriptionOpGet(char * uri_repository, char * uuid, unsigned char **subscriptionDoc, int *len) @@ -86,24 +94,32 @@ unsigned char *buf = NULL; int count,m; int pre_count; + char *subs_path; + FILE *fp; + count = m = 0; *subscriptionDoc = NULL; - if(LocalSubscriptionInitFlag == 0) return -1; - char *subs_path = u_strdup_printf ("%s/uuid:%s", uri_repository, uuid); - FILE *fp = fopen(subs_path, "r"); + if (LocalSubscriptionInitFlag == 0) + return -1; + subs_path = u_strdup_printf ("%s/uuid:%s", uri_repository, uuid); + fp = fopen(subs_path, "r"); + if (fp == NULL) { + error("Can't open %s: %s", subs_path, strerror(errno)); + u_free(subs_path); + return -1; + } u_free(subs_path); - if(fp == NULL) return -1; - while(!feof(fp)) { - memset(block, 0, 512); - m = fread(block, 1, 511, fp); - if(m > 0) { - debug("read [%s] from file, len = %d",block, m); - pre_count = count; - count += m; - debug("buf = %0x, count = %d", buf, count); - buf = u_realloc(buf, count); - memcpy(buf+pre_count, block, m); - } + while (!feof(fp)) { + memset(block, 0, 512); + m = fread(block, 1, 511, fp); + if (m > 0) { + debug("read [%s] from file, len = %d",block, m); + pre_count = count; + count += m; + debug("buf = %0x, count = %d", buf, count); + buf = u_realloc(buf, count); + memcpy(buf+pre_count, block, m); + } } fclose(fp); *subscriptionDoc = buf; @@ -113,11 +129,18 @@ int LocalSubscriptionOpSearch(char * uri_repository, char * uuid) { - if(LocalSubscriptionInitFlag == 0) return -1; - char *subs_path = u_strdup_printf ("%s/uuid:%s", uri_repository, uuid); - FILE *fp = fopen(subs_path, "r"); + char *subs_path; + FILE *fp; + if (LocalSubscriptionInitFlag == 0) + return -1; + subs_path = u_strdup_printf ("%s/uuid:%s", uri_repository, uuid); + fp = fopen(subs_path, "r"); + if (fp == NULL) { + error("Can't open %s: %s", subs_path, strerror(errno)); + u_free(subs_path); + return -1; + } u_free(subs_path); - if(fp == NULL) return -1; fclose(fp); return 0; } @@ -129,29 +152,38 @@ int pre_count; char block[512]; unsigned char *buf = NULL; - if(LocalSubscriptionInitFlag == 0) return -1; - if(subscription_list == NULL) - return -1; - if (0 > (n = scandir (uri_repository, &namelist, 0, alphasort))) - { - return -1; - } else { - while (n--) - { + + if (LocalSubscriptionInitFlag == 0) + return -1; + if (subscription_list == NULL) + return -1; + if (0 > (n = scandir (uri_repository, &namelist, 0, alphasort))) { + return -1; + } + else { + while (n--) { + char *subs_path; + FILE *subs; lnode_t *node; - if(strstr(namelist[n]->d_name,"uuid") == NULL || strlen(namelist[n]->d_name) < 41) { + + if (strstr(namelist[n]->d_name,"uuid") == NULL || strlen(namelist[n]->d_name) < 41) { u_free(namelist[n]); continue; } - char *subs_path = u_strdup_printf ("%s/%s", uri_repository, namelist[n]->d_name); - FILE *subs = fopen(subs_path, "r"); + subs_path = u_strdup_printf ("%s/%s", uri_repository, namelist[n]->d_name); + subs = fopen(subs_path, "r"); + if (subs == NULL) { + error("Can't open %s: %s", subs_path, strerror(errno)); + u_free(subs_path); + return -1; + } u_free(subs_path); count = 0; buf = NULL; - while(!feof(subs)) { + while (!feof(subs)) { memset(block, 0, 512); m = fread(block, 1, 511, subs); - if(m > 0) { + if (m > 0) { pre_count = count; count += m; buf = u_realloc(buf, count); @@ -160,7 +192,7 @@ } fclose(subs); SubsRepositoryEntryH entry = u_malloc(sizeof(*entry)); - if(entry) { + if (entry) { entry->strdoc = buf; entry->len = count; entry->uuid = u_strdup(namelist[n]->d_name); @@ -170,37 +202,52 @@ } u_free(namelist[n]); } - u_free(namelist); + u_free(namelist); } return 0; } + int LocalSubscriptionOpSave (char * uri_repository, char * uuid, unsigned char *subscriptionDoc) { char buf[U_NAME_MAX]; - if(LocalSubscriptionInitFlag == 0) return -1; + FILE *subsfile; + + if (LocalSubscriptionInitFlag == 0) + return -1; snprintf(buf, U_NAME_MAX, "%s/uuid:%s", uri_repository, uuid); - FILE *subsfile = fopen(buf, "w"); - if(subsfile == NULL) return -1; + subsfile = fopen(buf, "w"); + if (subsfile == NULL) { + error("Can't open %s: %s", buf, strerror(errno)); + return -1; + } fprintf(subsfile, "%s", subscriptionDoc); fclose(subsfile); return 0; } + int LocalSubscriptionOpUpdate(char * uri_repository, char * uuid, char *expire) { char buf[U_NAME_MAX]; - if(LocalSubscriptionInitFlag == 0) return -1; - snprintf(buf, U_NAME_MAX, "%s/uuid:%s", uri_repository, uuid); WsXmlDocH doc= NULL; char *temp; int len = 0; + + if (LocalSubscriptionInitFlag == 0) + return -1; + snprintf(buf, U_NAME_MAX, "%s/uuid:%s", uri_repository, uuid); doc = xml_parser_file_to_doc( buf, "UTF-8", 0); - if(doc) { + if (doc) { + FILE *subsfile; WsXmlNodeH node = ws_xml_get_child(ws_xml_get_soap_body(doc), 0, XML_NS_EVENTING, WSEVENT_SUBSCRIBE); node = ws_xml_get_child(node, 0, XML_NS_EVENTING, WSEVENT_EXPIRES); ws_xml_set_node_text(node, expire); ws_xml_dump_memory_enc(doc, &temp, &len, "UTF-8"); - FILE *subsfile = fopen(buf, "w"); + subsfile = fopen(buf, "w"); + if (subsfile == NULL) { + error("Can't open %s: %s", buf, strerror(errno)); + return -1; + } fprintf(subsfile, "%s", temp); fclose(subsfile); ws_xml_free_memory(temp); @@ -208,13 +255,15 @@ } return 0; } + int LocalSubscriptionOpDelete (char * uri_repository, char * uuid) { char buf[U_NAME_MAX]; - if(LocalSubscriptionInitFlag == 0) return -1; + + if (LocalSubscriptionInitFlag == 0) + return -1; snprintf(buf, U_NAME_MAX, "%s/uuid:%s", uri_repository, uuid); - int r = unlink(buf); - if(r) { + if (unlink(buf)) { debug("unlink %s failed! %s", buf, strerror(errno)); } return 0; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/src/lib/wsman-xml.c new/openwsman-2.4.4/src/lib/wsman-xml.c --- old/openwsman-2.4.3/src/lib/wsman-xml.c 2013-12-23 11:47:33.000000000 +0100 +++ new/openwsman-2.4.4/src/lib/wsman-xml.c 2014-02-27 15:22:01.000000000 +0100 @@ -94,13 +94,13 @@ for (i = 0; g_wsNsData[i].uri != NULL; i++) { WsXmlNsData *nsd = &g_wsNsData[i]; if (strcmp(uri, nsd->uri) == 0 && nsd->prefix) { - sprintf(buf, "%s", nsd->prefix ); + snprintf(buf, bufsize, "%s", nsd->prefix ); return; } } } if(g_wsNsData[i].uri == NULL && bufsize >= 12) - sprintf(buf, "n%lu", ++doc->prefixIndex); + snprintf(buf, bufsize, "n%lu", ++doc->prefixIndex); else buf[0] = 0; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/src/plugins/redirect/redirect.c new/openwsman-2.4.4/src/plugins/redirect/redirect.c --- old/openwsman-2.4.3/src/plugins/redirect/redirect.c 2013-12-23 11:47:33.000000000 +0100 +++ new/openwsman-2.4.4/src/plugins/redirect/redirect.c 2014-02-27 15:22:01.000000000 +0100 @@ -99,7 +99,10 @@ dictionary *ini, *inc_ini; filename = (char *) wsmand_options_get_config_file(); ini = iniparser_new(filename); - + if (ini == NULL) { + error("redirect: iniparser_new failed"); + return 0; + } redirect_data = malloc (sizeof(struct __Redirect_Data)); if (redirect_data == NULL){ error("Failed while allocating memory for redirect_data"); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/src/plugins/swig/python/CMakeLists.txt new/openwsman-2.4.4/src/plugins/swig/python/CMakeLists.txt --- old/openwsman-2.4.3/src/plugins/swig/python/CMakeLists.txt 2013-12-23 11:47:33.000000000 +0100 +++ new/openwsman-2.4.4/src/plugins/swig/python/CMakeLists.txt 2014-02-27 15:22:01.000000000 +0100 @@ -16,7 +16,7 @@ ENDIF (NOT PYTHON_SITE_DIR) MESSAGE(STATUS "Python executable: ${PYTHON_EXECUTABLE}") -MESSAGE(STATUS "Python inc dir: ${PYTHON_INCLUDE_PATH}") +MESSAGE(STATUS "Python inc dir: ${PYTHON_INCLUDE_DIRS}") MESSAGE(STATUS "Python lib dir: ${PYTHON_LIB_DIR}") #MESSAGE(STATUS "Python libraries: ${PYTHON_LIBRARIES}") MESSAGE(STATUS "Python site dir: ${PYTHON_SITE_DIR}") @@ -43,7 +43,7 @@ INCLUDE_DIRECTORIES( ${CMAKE_BINARY_DIR} ) # all other wsman includes INCLUDE_DIRECTORIES( ${CMAKE_SOURCE_DIR}/include ) -INCLUDE_DIRECTORIES( ${PYTHON_INCLUDE_PATH} ) +INCLUDE_DIRECTORIES( ${PYTHON_INCLUDE_DIRS} ) # # wsman_python_plugin.so diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/src/server/wsmand-listener.c new/openwsman-2.4.4/src/server/wsmand-listener.c --- old/openwsman-2.4.3/src/server/wsmand-listener.c 2013-12-23 11:47:33.000000000 +0100 +++ new/openwsman-2.4.4/src/server/wsmand-listener.c 2014-02-27 15:22:01.000000000 +0100 @@ -674,21 +674,21 @@ WsManListenerH *listener = wsman_dispatch_list_new(); listener->config = ini; WsContextH cntx = wsman_init_plugins(listener); - int num_threads=0; - int max_threads=wsmand_options_get_max_threads(); + int num_threads = 0; + int max_threads = wsmand_options_get_max_threads(); int max_connections_per_thread = wsmand_options_get_max_connections_per_thread(); - if(max_threads && !max_connections_per_thread){ + if (max_threads && !max_connections_per_thread) { error("max_threads: %d and max_connections_per_thread : %d", max_threads, max_connections_per_thread); return listener; } + if (cntx == NULL) { + return listener; + } #ifdef ENABLE_EVENTING_SUPPORT wsman_event_init(cntx->soap); #endif - if (cntx == NULL) { - return listener; - } #ifndef HAVE_SSL if (use_ssl) { error("Server configured without SSL support"); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openwsman-2.4.3/src/server/wsmand.c new/openwsman-2.4.4/src/server/wsmand.c --- old/openwsman-2.4.3/src/server/wsmand.c 2013-12-23 11:47:33.000000000 +0100 +++ new/openwsman-2.4.4/src/server/wsmand.c 2014-02-27 15:22:01.000000000 +0100 @@ -141,8 +141,6 @@ static void sighup_handler(int sig_num) { - debug("SIGHUP received; reloading data"); - if (wsmand_options_get_debug_level() == 0) { int fd; -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
![https://codeclimate.com/github/Openwsman/openwsman.png"](https://codeclimate.com/github/Openwsman/openwsman.png"){kind=link}