Hello community, here is the log from the commit of package sblim-sfcb for openSUSE:Factory checked in at 2013-07-09 21:11:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/sblim-sfcb (Old) and /work/SRC/openSUSE:Factory/.sblim-sfcb.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "sblim-sfcb" Changes: -------- --- /work/SRC/openSUSE:Factory/sblim-sfcb/sblim-sfcb.changes 2013-01-02 13:01:44.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.sblim-sfcb.new/sblim-sfcb.changes 2013-07-09 21:11:59.000000000 +0200 @@ -1,0 +2,14 @@ +Mon Jun 10 07:35:47 UTC 2013 - [email protected] + +- HTTP verb check may fail producing 501 error (bnc#820035, + upstream tix#45) + Dropping 0008-Check_SSL_before_select.patch, use upstream fix. + +------------------------------------------------------------------- +Fri May 3 07:48:39 UTC 2013 - [email protected] + +- check SSL buffer before select() + (like upstream 3441028, bnc#716299; but when reading https header) + Adding 0008-Check_SSL_before_select.patch + +------------------------------------------------------------------- New: ---- 25000-tix45-bnc820035-HTTP-verb-check-may-fail-producing-501-error.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sblim-sfcb.spec ++++++ --- /var/tmp/diff_new_pack.f9ORP6/_old 2013-07-09 21:12:00.000000000 +0200 +++ /var/tmp/diff_new_pack.f9ORP6/_new 2013-07-09 21:12:00.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package sblim-sfcb # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -49,6 +49,7 @@ Patch4: 0004-Don-t-call-tool_mm_flush-during-OPS_LoadProvider.patch Patch6: 0006-Reflect-provider-information-in-ps-via-argv.patch Patch7: sblim-resource.patch +Patch8: 25000-tix45-bnc820035-HTTP-verb-check-may-fail-producing-501-error.patch Provides: cim-server Provides: cimserver %if 0%{?suse_version} >= 1030 @@ -113,6 +114,7 @@ %patch4 -p1 %patch6 -p1 %patch7 -p1 +%patch8 -p1 export PATCH_GET=0 @@ -139,8 +141,8 @@ touch test/unittest/Makefile.in touch test/slptest/Makefile.in touch test/localtests/Makefile.in -sh ./autoconfiscate.sh mkdir -p m4 +sh ./autoconfiscate.sh %if 0%{?rhel_version} == 0 && 0%{?centos_version} == 0 WITH_SLP=--enable-slp %else @@ -239,7 +241,7 @@ fi # follow http://en.opensuse.org/openSUSE:Systemd_packaging_guidelines %if 0%{?has_systemd} -if [-f /var/lib/systemd/migrated/%{name}]; then +if [ -f /var/lib/systemd/migrated/%{name} ]; then %service_add_pre sfcbd.service fi %endif ++++++ 25000-tix45-bnc820035-HTTP-verb-check-may-fail-producing-501-error.patch ++++++ diff -wruN -x '*~' -x '*.o' -x '*.a' -x '*.so' -x '*.so.[0-9]' -x autom4te.cache -x .deps -x .libs -x Makefile -x Makefile ../orig-sblim-sfcb-1.3.16/httpAdapter.c ./httpAdapter.c --- ../orig-sblim-sfcb-1.3.16/httpAdapter.c 2012-10-06 03:19:15.000000000 +0200 +++ ./httpAdapter.c 2013-06-10 09:34:16.826694978 +0200 @@ -690,7 +690,7 @@ static int getHdrs(CommHndl conn_fd, Buffer * b, char *cmd) { - int first=1,total=0,isReady; + int checked=0,total=0,isReady; fd_set httpfds; int state=0; @@ -727,14 +727,13 @@ add2buffer(b, buf, r); total+=r; - /* on first run through, ensure that this is a POST req. */ - if (r && first) { - if (strncasecmp(buf,cmd,strlen(cmd)) != 0) { - /* not what we expected - still continue to read to - not confuse the client */ + /* Check that the HTTP verb is what we expect. If not, + continue to read anyway to not confuse the client. */ + if (!checked && total >= strlen(cmd)) { + if (strncasecmp(b->data,cmd,strlen(cmd)) != 0) { state = 1; } - first=0; + checked=1; } /* success condition: end of header */ ++++++ autoconfiscate.sh ++++++ --- /var/tmp/diff_new_pack.f9ORP6/_old 2013-07-09 21:12:00.000000000 +0200 +++ /var/tmp/diff_new_pack.f9ORP6/_new 2013-07-09 21:12:00.000000000 +0200 @@ -3,7 +3,7 @@ autoheader --force && libtoolize --force && automake -af && -autoconf --force && +autoconf --force #if test -d test; then cd test && ./autoconfiscate.sh && cd ..; fi if test -f mofc/autoconfiscate.sh; then cd mofc && ./autoconfiscate.sh; fi if test -f cmpi-devel/autoconfiscate.sh; then cd cmpi-devel && ./autoconfiscate.sh; fi -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
