Hello community,
here is the log from the commit of package openwsman for openSUSE:Factory
checked in at 2016-06-23 13:36:59
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openwsman (Old)
and /work/SRC/openSUSE:Factory/.openwsman.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openwsman"
Changes:
--------
--- /work/SRC/openSUSE:Factory/openwsman/openwsman.changes 2015-12-24
12:16:03.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.openwsman.new/openwsman.changes 2016-06-23
13:37:08.000000000 +0200
@@ -1,0 +2,12 @@
+Mon Jun 20 13:20:46 UTC 2016 - kkae...@suse.com
+
+- update to 2.6.3
+ - Bugfixes
+ - Prevent buffer overflow if digest realm too long
+ - Ensure path starts with '/' in client data endpoint
+ - Java bindings build fix
+ - Fix SSL library, usage is not thread safe (vcrhonek)
+ - Improve NetBSD and OSX builds (apjanke)
+ - Install winrs with correct name and permissions
+
+-------------------------------------------------------------------
@@ -5,0 +18,5 @@
+
+-------------------------------------------------------------------
+Wed Dec 2 18:06:54 UTC 2015 - srinidhi...@microfocus.com
+
+- Install winrs with executable permissions
Old:
----
add-shebang-to-winrs.patch
openwsman-2.6.2.tar.bz2
New:
----
openwsman-2.6.3.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ openwsman.spec ++++++
--- /var/tmp/diff_new_pack.zgMAbN/_old 2016-06-23 13:37:09.000000000 +0200
+++ /var/tmp/diff_new_pack.zgMAbN/_new 2016-06-23 13:37:09.000000000 +0200
@@ -1,7 +1,7 @@
#
# spec file for package openwsman
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -122,7 +122,7 @@
%endif
Requires(pre): sed coreutils grep /bin/hostname
-Version: 2.6.2
+Version: 2.6.3
Release: 0
# Mandriva:
# Release %%mkrel 1
@@ -141,7 +141,6 @@
Source3: %{name}.SuSEfirewall2
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Source4: %{name}.service
-Patch2: add-shebang-to-winrs.patch
%description
Opensource Implementation of WS-Management protocol stack
@@ -325,7 +324,6 @@
%if 0%{?fedora_version} || 0%{?centos_version} || 0%{?rhel_version} ||
0%{?fedora} || 0%{?rhel}
%patch1 -p1
%endif
-%patch2 -p1
%build
rm -rf build
@@ -390,10 +388,6 @@
install -D -m 644 %{S:3}
$RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/openwsman
%endif
-# rename winrs.rb -> winrs
-mv $RPM_BUILD_ROOT%{_bindir}/winrs.rb $RPM_BUILD_ROOT%{_bindir}/winrs
-chmod 755 $RPM_BUILD_ROOT%{_bindir}/winrs
-
%post -n libwsman3 -p /sbin/ldconfig
%postun -n libwsman3
++++++ openwsman-2.6.2.tar.bz2 -> openwsman-2.6.3.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openwsman-2.6.2/CMakeLists.txt
new/openwsman-2.6.3/CMakeLists.txt
--- old/openwsman-2.6.2/CMakeLists.txt 2015-10-06 11:06:58.000000000 +0200
+++ new/openwsman-2.6.3/CMakeLists.txt 2016-06-21 13:21:10.000000000 +0200
@@ -14,6 +14,9 @@
if(COMMAND cmake_policy)
cmake_policy(SET CMP0003 OLD)
cmake_policy(SET CMP0005 OLD)
+ if ( POLICY CMP0042 )
+ cmake_policy(SET CMP0042 NEW)
+ endif ( POLICY CMP0042 )
if ( POLICY CMP0046 )
cmake_policy(SET CMP0046 OLD)
endif ( POLICY CMP0046 )
@@ -32,7 +35,7 @@
# Package architecture
IF ( NOT DEFINED PACKAGE_ARCHITECTURE )
- EXECUTE_PROCESS(COMMAND "/bin/uname" "-m" OUTPUT_VARIABLE UNAME_M)
+ EXECUTE_PROCESS(COMMAND "uname" "-m" OUTPUT_VARIABLE UNAME_M)
# strip trailing newline
STRING(REPLACE "\n" "" PACKAGE_ARCHITECTURE ${UNAME_M})
ENDIF ( NOT DEFINED PACKAGE_ARCHITECTURE )
@@ -44,9 +47,13 @@
IF ( DEFINED LIB )
SET ( LIB_INSTALL_DIR "${CMAKE_INSTALL_PREFIX}/${LIB}" )
ELSE ( DEFINED LIB )
- IF (CMAKE_SIZEOF_VOID_P MATCHES "8")
- SET( LIB_SUFFIX "64" )
- ENDIF(CMAKE_SIZEOF_VOID_P MATCHES "8")
+ IF (APPLE)
+ SET(LIB_SUFFIX "")
+ ELSE (APPLE)
+ IF (CMAKE_SIZEOF_VOID_P MATCHES "8")
+ SET( LIB_SUFFIX "64" )
+ ENDIF(CMAKE_SIZEOF_VOID_P MATCHES "8")
+ ENDIF (APPLE)
SET ( LIB_INSTALL_DIR "${CMAKE_INSTALL_PREFIX}/lib${LIB_SUFFIX}" )
ENDIF ( DEFINED LIB )
MESSAGE(STATUS "Libraries will be installed in ${LIB_INSTALL_DIR}" )
@@ -170,9 +177,9 @@
IF( BUILD_PYTHON )
MESSAGE(STATUS "Building Python bindings" )
- FIND_PACKAGE(PythonLibs)
+ FIND_PACKAGE(PythonLibs 2.6 REQUIRED)
IF (PYTHON_LIBRARY)
- FIND_PACKAGE(PythonInterp REQUIRED)
+ FIND_PACKAGE(PythonInterp 2.6 REQUIRED)
MESSAGE(STATUS "Found PythonLibs...")
FIND_PACKAGE(PythonLinkLibs)
IF (PYTHON_LINK_LIBS)
@@ -378,6 +385,10 @@
SET(HAVE_ALLOCA 0)
SET(C_ALLOCA 0)
CHECK_INCLUDE_FILE( "alloca.h" HAVE_ALLOCA_H )
+ELSE (NOT HAVE_ALLOCA)
+ SET(HAVE_ALLOCA 1)
+ SET(C_ALLOCA 1)
+ SET(HAVE_ALLOCA_H 0)
ENDIF (NOT HAVE_ALLOCA)
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openwsman-2.6.2/ChangeLog
new/openwsman-2.6.3/ChangeLog
--- old/openwsman-2.6.2/ChangeLog 2015-10-14 14:53:14.000000000 +0200
+++ new/openwsman-2.6.3/ChangeLog 2016-06-21 12:38:11.000000000 +0200
@@ -1,3 +1,12 @@
+2.6.3
+- Bugfixes
+ - Prevent buffer overflow if digest realm too long
+ - Ensure path starts with '/' in client data endpoint
+ - Java bindings build fix
+ - Fix SSL library, usage is not thread safe (vcrhonek)
+ - Improve NetBSD and OSX builds (apjanke)
+ - Install winrs with correct name and permissions
+
2.6.2
- Features
- Install winrs.rb (Windows Remote Shell) to /usr/bin
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openwsman-2.6.2/VERSION.cmake
new/openwsman-2.6.3/VERSION.cmake
--- old/openwsman-2.6.2/VERSION.cmake 2015-10-14 14:45:51.000000000 +0200
+++ new/openwsman-2.6.3/VERSION.cmake 2016-06-21 12:38:11.000000000 +0200
@@ -44,10 +44,10 @@
# set COMPATMINOR to MINOR. (binary incompatible change)
#
-# Package version 2.6.2
+# Package version 2.6.3
SET(OPENWSMAN_MAJOR "2")
SET(OPENWSMAN_MINOR "6")
-SET(OPENWSMAN_PATCH "2")
+SET(OPENWSMAN_PATCH "3")
# Plugin API 2.2
SET(OPENWSMAN_PLUGIN_API_MAJOR "2")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openwsman-2.6.2/autoconfiscate.sh
new/openwsman-2.6.3/autoconfiscate.sh
--- old/openwsman-2.6.2/autoconfiscate.sh 2015-08-27 15:37:51.000000000
+0200
+++ new/openwsman-2.6.3/autoconfiscate.sh 2016-05-11 09:42:24.000000000
+0200
@@ -1,8 +1,18 @@
-#!/bin/sh
+#!/bin/sh
-echo "*** Autoconf/automake is deprecated for Openwsman"
-echo "*** and might not fully work."
-echo "*** Use cmake instead !"
+cat <<EOS >&2
+*** Autoconf/automake is deprecated for Openwsman and might not fully work.
+*** Please use CMake instead!
+*** Pull requests welcome ;-)
+EOS
+
+if [ "$1" != "--ignore-deprecation-warning" ]; then
+ cat <<EOS >&2
+*** To ignore this warning and proceed regardless, re-run as follows:
+*** $0 --ignore-deprecation-warning
+EOS
+ exit 1
+fi
UNAME=`uname`
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openwsman-2.6.2/bindings/java/CMakeLists.txt
new/openwsman-2.6.3/bindings/java/CMakeLists.txt
--- old/openwsman-2.6.2/bindings/java/CMakeLists.txt 2015-08-26
10:12:49.000000000 +0200
+++ new/openwsman-2.6.3/bindings/java/CMakeLists.txt 2016-06-20
14:55:37.000000000 +0200
@@ -41,7 +41,7 @@
COMMAND ${JAVA_COMPILE} ${java_SOURCE} ${EXPLICIT_SOURCE} ${java_TARGET}
${EXPLICIT_TARGET} -d . *.java
COMMAND ${CMAKE_COMMAND} -E echo_append "Creating JAR ..."
COMMAND ${JAVA_ARCHIVE} cvf ${jar_NAME} *.so org/*
- DEPENDS ${SWIG_OUTPUT}
+ DEPENDS jwsman
)
ADD_CUSTOM_TARGET ( jwsman_all ALL
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openwsman-2.6.2/bindings/java/tests/identify.java
new/openwsman-2.6.3/bindings/java/tests/identify.java
--- old/openwsman-2.6.2/bindings/java/tests/identify.java 2015-08-26
10:12:49.000000000 +0200
+++ new/openwsman-2.6.3/bindings/java/tests/identify.java 2016-06-21
12:39:16.000000000 +0200
@@ -4,7 +4,10 @@
// Java test for WS-Identify
//
-import org.openwsman.*;
+import org.openwsman.Client;
+import org.openwsman.ClientOptions;
+import org.openwsman.OpenWSManConstants;
+import org.openwsman.XmlDoc;
public class identify {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openwsman-2.6.2/bindings/python/CMakeLists.txt
new/openwsman-2.6.3/bindings/python/CMakeLists.txt
--- old/openwsman-2.6.2/bindings/python/CMakeLists.txt 2015-08-26
10:12:49.000000000 +0200
+++ new/openwsman-2.6.3/bindings/python/CMakeLists.txt 2016-04-29
09:22:52.000000000 +0200
@@ -12,7 +12,7 @@
add_subdirectory(tests)
-EXECUTE_PROCESS(COMMAND ${PYTHON_EXECUTABLE} -c "from distutils.sysconfig
import get_python_lib; print get_python_lib(1)" OUTPUT_VARIABLE PYTHON_LIB_DIR)
+EXECUTE_PROCESS(COMMAND ${PYTHON_EXECUTABLE} -c "from distutils.sysconfig
import get_python_lib; print(get_python_lib(1))" OUTPUT_VARIABLE PYTHON_LIB_DIR)
STRING(REPLACE "\n" "" PYTHON_LIB_DIR "${PYTHON_LIB_DIR}")
MESSAGE(STATUS "Python executable: ${PYTHON_EXECUTABLE}")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openwsman-2.6.2/bindings/version.i
new/openwsman-2.6.3/bindings/version.i
--- old/openwsman-2.6.2/bindings/version.i 2015-07-24 14:33:56.000000000
+0200
+++ new/openwsman-2.6.3/bindings/version.i 1970-01-01 01:00:00.000000000
+0100
@@ -1,11 +0,0 @@
-/*
- * version.i
- * version definitions for openwsman swig bindings
- *
- */
-
-#define OPENWSMAN_MAJOR 2
-#define OPENWSMAN_MINOR 6
-#define OPENWSMAN_PATCH 0
-#define OPENWSMAN_VERSION "2.6.0"
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openwsman-2.6.2/examples/CMakeLists.txt
new/openwsman-2.6.3/examples/CMakeLists.txt
--- old/openwsman-2.6.2/examples/CMakeLists.txt 2015-10-14 14:45:51.000000000
+0200
+++ new/openwsman-2.6.3/examples/CMakeLists.txt 2016-02-29 14:53:54.000000000
+0100
@@ -18,4 +18,4 @@
# winrs.rb
-INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/winrs.rb DESTINATION
${CMAKE_INSTALL_PREFIX}/bin)
+INSTALL(PROGRAMS ${CMAKE_CURRENT_SOURCE_DIR}/winrs.rb DESTINATION
${CMAKE_INSTALL_PREFIX}/bin RENAME winrs)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openwsman-2.6.2/examples/winrs.rb
new/openwsman-2.6.3/examples/winrs.rb
--- old/openwsman-2.6.2/examples/winrs.rb 2015-10-14 14:45:51.000000000
+0200
+++ new/openwsman-2.6.3/examples/winrs.rb 2016-02-29 14:53:54.000000000
+0100
@@ -1,3 +1,5 @@
+#!/usr/bin/env ruby
+#
# winrs.rb
#
# Windows Remote Shell
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openwsman-2.6.2/package/openwsman.spec.in
new/openwsman-2.6.3/package/openwsman.spec.in
--- old/openwsman-2.6.2/package/openwsman.spec.in 2015-10-14
14:49:41.000000000 +0200
+++ new/openwsman-2.6.3/package/openwsman.spec.in 2016-06-21
12:38:11.000000000 +0200
@@ -388,9 +388,6 @@
install -D -m 644 %{S:3}
$RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/openwsman
%endif
-# rename winrs.rb -> winrs
-mv $RPM_BUILD_ROOT%{_bindir}/winrs.rb $RPM_BUILD_ROOT%{_bindir}/winrs
-
%post -n libwsman3 -p /sbin/ldconfig
%postun -n libwsman3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openwsman-2.6.2/src/lib/CMakeLists.txt
new/openwsman-2.6.3/src/lib/CMakeLists.txt
--- old/openwsman-2.6.2/src/lib/CMakeLists.txt 2015-08-26 13:33:11.000000000
+0200
+++ new/openwsman-2.6.3/src/lib/CMakeLists.txt 2016-04-29 09:15:44.000000000
+0200
@@ -53,6 +53,9 @@
SET( wsman_curl_client_transport_SOURCES wsman-client-transport.c
wsman-curl-client-transport.c )
ADD_LIBRARY( ${WSMAN_CLIENT_TRANSPORT_PKG} SHARED
${wsman_curl_client_transport_SOURCES} )
TARGET_LINK_LIBRARIES( ${WSMAN_CLIENT_TRANSPORT_PKG} ${CURL_LIBRARIES} )
+IF( ENABLE_EVENTING_SUPPORT )
+TARGET_LINK_LIBRARIES( ${WSMAN_CLIENT_TRANSPORT_PKG} ${OPENSSL_LIBRARIES} )
+ENDIF( ENABLE_EVENTING_SUPPORT )
SET_TARGET_PROPERTIES( ${WSMAN_CLIENT_TRANSPORT_PKG} PROPERTIES VERSION 1.0.0
SOVERSION 1)
INSTALL(TARGETS ${WSMAN_CLIENT_TRANSPORT_PKG} DESTINATION ${LIB_INSTALL_DIR})
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openwsman-2.6.2/src/lib/wsman-client.c
new/openwsman-2.6.3/src/lib/wsman-client.c
--- old/openwsman-2.6.2/src/lib/wsman-client.c 2015-10-06 11:06:58.000000000
+0200
+++ new/openwsman-2.6.3/src/lib/wsman-client.c 2016-02-29 14:53:54.000000000
+0100
@@ -2028,8 +2028,11 @@
#ifdef _WIN32
wsc->session_handle = 0;
#endif
- wsc->data.endpoint = u_strdup_printf("%s://%s:%d%s",
- wsc->data.scheme, wsc->data.hostname, wsc->data.port,
wsc->data.path);
+ wsc->data.endpoint = u_strdup_printf("%s://%s:%d%s%s",
+ wsc->data.scheme,
wsc->data.hostname,
+ wsc->data.port,
+ (*wsc->data.path == '/') ? "" :
"/",
+ wsc->data.path);
debug("Endpoint: %s", wsc->data.endpoint);
wsc->authentication.verify_host = 1; //verify CN in server certicates
by default
wsc->authentication.verify_peer = 1; //validate server certificates by
default
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/openwsman-2.6.2/src/lib/wsman-curl-client-transport.c
new/openwsman-2.6.3/src/lib/wsman-curl-client-transport.c
--- old/openwsman-2.6.2/src/lib/wsman-curl-client-transport.c 2015-10-14
14:45:51.000000000 +0200
+++ new/openwsman-2.6.3/src/lib/wsman-curl-client-transport.c 2016-04-29
09:19:57.000000000 +0200
@@ -46,8 +46,10 @@
#include <curl/curl.h>
#include <curl/easy.h>
+#ifdef ENABLE_EVENTING_SUPPORT
#include <openssl/opensslv.h>
#include <openssl/ssl.h>
+#endif
#include "u/libu.h"
#include "wsman-types.h"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openwsman-2.6.2/src/plugins/cim/cim_data_stubs.c
new/openwsman-2.6.3/src/plugins/cim/cim_data_stubs.c
--- old/openwsman-2.6.2/src/plugins/cim/cim_data_stubs.c 2015-08-26
10:12:50.000000000 +0200
+++ new/openwsman-2.6.3/src/plugins/cim/cim_data_stubs.c 2016-06-21
12:38:11.000000000 +0200
@@ -170,27 +170,30 @@
hscan_t hs;
hnode_t *hn;
int rv = 0;
- if(!client){
+ if (!client) {
return 0;
}
- if (client->resource_uri && (strcmp( client->resource_uri,
CIM_ALL_AVAILABLE_CLASSES ) ==0) ) {
+ if (!client->resource_uri) {
+ return 0;
+ }
+ if (strcmp( client->resource_uri, CIM_ALL_AVAILABLE_CLASSES ) == 0 ) {
return 1;
}
- if ( client->resource_uri && (strstr( client->resource_uri,
XML_NS_CIM_INTRINSIC ) != NULL )) {
+ if (strstr( client->resource_uri, XML_NS_CIM_INTRINSIC ) != NULL ) {
return 1;
}
/* Ok if class schema is CIM, uri starts with XML_NS_CIM_CLASS
* and method is not 'Create' (CIM_ is abstract, cannot be created)
*/
- if (client->requested_class && client->resource_uri && client->method
+ if (client->requested_class && client->method
&& (strncmp(client->requested_class, "CIM_", 4) == 0 )
&& (strstr(client->resource_uri , XML_NS_CIM_CLASS) ==
client->resource_uri )
&& (strcmp(client->method, TRANSFER_CREATE) != 0)) {
return 1;
}
- if (client->requested_class && client->namespaces &&
client->resource_uri) {
+ if (client->requested_class && client->namespaces) {
hash_scan_begin(&hs, client->namespaces);
while ((hn = hash_scan_next(&hs))) {
if ( ( strstr(client->requested_class,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openwsman-2.6.2/src/server/shttpd/auth.c
new/openwsman-2.6.3/src/server/shttpd/auth.c
--- old/openwsman-2.6.2/src/server/shttpd/auth.c 2014-07-25
17:08:56.000000000 +0200
+++ new/openwsman-2.6.3/src/server/shttpd/auth.c 2016-02-29
14:53:54.000000000 +0100
@@ -387,39 +387,66 @@
return (ret);
}
-void
+int
send_authorization_request(struct conn *c)
{
- char buf[512];
- int n = 0;
+#define BUFSIZE 512
+ char buf[BUFSIZE];
+ char *bufptr = buf;
+ int n;
+ size_t remaining = BUFSIZE;
int b = 0, d = 0;
struct llhead *lp;
struct uri_auth *auth;
- n = snprintf(buf, sizeof(buf), "Unauthorized\r\n");
+ n = snprintf(bufptr, remaining, "Unauthorized\r\n");
+ bufptr += n;
+ remaining -= n;
LL_FOREACH(&c->ctx->uri_auths, lp) {
auth = LL_ENTRY(lp, struct uri_auth, link);
if (auth->type == DIGEST_AUTH && d == 0) {
- if (b ) {
- n += snprintf(buf +n,
sizeof(buf) - n, "\r\n");
- }
- n += snprintf(buf +n, sizeof(buf) - n,
- "WWW-Authenticate: Digest qop=\"auth\", realm=\"%s\", "
- "nonce=\"%lu\"", c->ctx->auth_realm, (unsigned long)
current_time);
- d = 1;
+ if (b) {
+ n = snprintf(bufptr, remaining, "\r\n");
+ if (n >= remaining) {
+ return -1;
+ }
+ bufptr += n;
+ remaining -= n;
+ }
+ n = snprintf(bufptr, remaining,
+ "WWW-Authenticate: Digest qop=\"auth\",
realm=\"%s\", "
+ "nonce=\"%lu\"", c->ctx->auth_realm,
(unsigned long) current_time);
+ if (n >= remaining) {
+ return -1;
+ }
+ bufptr += n;
+ remaining -= n;
+ d = 1;
}
if (auth->type == BASIC_AUTH && b == 0) {
- if (d) {
- n += snprintf(buf +n,
sizeof(buf) - n, "\r\n");
- }
- n += snprintf(buf +n, sizeof(buf) - n,
- "WWW-Authenticate: Basic realm=\"%s\"",
c->ctx->auth_realm);
- b = 1;
+ if (d) {
+ n = snprintf(bufptr, remaining, "\r\n");
+ if (n >= remaining) {
+ return -1;
+ }
+ bufptr += n;
+ remaining -= n;
+ }
+ n = snprintf(bufptr, remaining,
+ "WWW-Authenticate: Basic realm=\"%s\"",
c->ctx->auth_realm);
+ if (n >= remaining) {
+ return -1;
+ }
+ bufptr += n;
+ remaining -= n;
+ b = 1;
}
}
send_server_error(c, 401, buf);
+#undef BUFSIZE
+ return 0;
}
/*
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openwsman-2.6.2/src/server/shttpd/shttpd.c
new/openwsman-2.6.3/src/server/shttpd/shttpd.c
--- old/openwsman-2.6.2/src/server/shttpd/shttpd.c 2015-08-26
10:12:50.000000000 +0200
+++ new/openwsman-2.6.3/src/server/shttpd/shttpd.c 2016-02-29
14:53:54.000000000 +0100
@@ -488,11 +488,14 @@
}
#if !defined(NO_AUTH)
- rc = check_authorization(c, path);
- if(rc != 1)
- {
- if(rc != 2) /* 2 = multipass auth (GSS)*/
- send_authorization_request(c);
+ rc = check_authorization(c, path);
+ if (rc != 1) {
+ if (rc != 2) { /* 2 = multipass auth (GSS)*/
+ if (send_authorization_request(c)) {
+ fprintf(stderr, "Digest realm overflows
buffer\n");
+ return;
+ }
+ }
} else
#endif /* NO_AUTH */
#ifdef EMBEDDED
@@ -507,7 +510,10 @@
#if !defined(NO_AUTH)
if ((c->method == METHOD_PUT || c->method == METHOD_DELETE) &&
(c->ctx->put_auth_file == NULL || !is_authorized_for_put(c))) {
- send_authorization_request(c);
+ if (send_authorization_request(c)) {
+ fprintf(stderr, "Digest realm overflows buffer\n");
+ return;
+ }
} else
#endif /* NO_AUTH */
if (c->method == METHOD_PUT) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openwsman-2.6.2/src/server/shttpd/shttpd_defs.h
new/openwsman-2.6.3/src/server/shttpd/shttpd_defs.h
--- old/openwsman-2.6.2/src/server/shttpd/shttpd_defs.h 2014-07-25
17:08:56.000000000 +0200
+++ new/openwsman-2.6.3/src/server/shttpd/shttpd_defs.h 2016-02-29
14:53:55.000000000 +0100
@@ -480,7 +480,7 @@
*/
extern int check_authorization(struct conn *c, const char *path);
extern int is_authorized_for_put(struct conn *c);
-extern void send_authorization_request(struct conn *c);
+extern int send_authorization_request(struct conn *c);
extern int edit_passwords(const char *fname, const char *domain,
const char *user, const char *pass);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openwsman-2.6.2/src/server/wsmand-listener.c
new/openwsman-2.6.3/src/server/wsmand-listener.c
--- old/openwsman-2.6.2/src/server/wsmand-listener.c 2015-08-26
13:33:12.000000000 +0200
+++ new/openwsman-2.6.3/src/server/wsmand-listener.c 2016-06-20
14:55:12.000000000 +0200
@@ -83,6 +83,10 @@
#endif
#include <sys/socket.h>
+/* SSL thread safe */
+#include <openssl/crypto.h>
+static pthread_mutex_t *lock_cs;
+static long *lock_count;
static pthread_mutex_t shttpd_mutex;
static pthread_cond_t shttpd_cond;
@@ -107,6 +111,50 @@
int gss_encrypt(struct shttpd_arg *arg, char *input, int inlen, char **output,
int *outlen);
#endif
+/* SSL thread safe */
+void pthreads_locking_callback(int mode, int type, char *file, int line) {
+ if (mode & CRYPTO_LOCK) {
+ pthread_mutex_lock(&(lock_cs[type]));
+ lock_count[type]++;
+ }
+ else {
+ pthread_mutex_unlock(&(lock_cs[type]));
+ }
+}
+
+unsigned long pthreads_thread_id(void) {
+ unsigned long ret;
+
+ ret = (unsigned long)pthread_self();
+ return(ret);
+}
+
+void thread_setup(void) {
+ int i;
+
+ lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
+ lock_count = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
+ for (i = 0; i < CRYPTO_num_locks(); i++) {
+ lock_count[i] = 0;
+ pthread_mutex_init(&(lock_cs[i]), NULL);
+ }
+
+ CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
+ CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback);
+}
+
+void thread_cleanup(void) {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ for (i = 0; i < CRYPTO_num_locks(); i++) {
+ pthread_mutex_destroy(&(lock_cs[i]));
+ }
+
+ OPENSSL_free(lock_cs);
+ OPENSSL_free(lock_count);
+}
+
/* Check HTTP headers */
static
int check_request_content_type(struct shttpd_arg *arg) {
@@ -723,6 +771,10 @@
if (wsman_setup_thread(&pattrs) == 0 )
return listener;
+
+ /* SSL thread safe */
+ thread_setup();
+
pthread_create(&tid, &pattrs, wsman_server_auxiliary_loop_thread, cntx);
#ifdef ENABLE_EVENTING_SUPPORT
@@ -749,5 +801,9 @@
}
shttpd_add_socket(thread->ctx, sock, use_ssl);
}
+
+ /* SSL thread safe */
+ thread_cleanup();
+
return listener;
}
