Hello community, here is the log from the commit of package mumble for openSUSE:Factory checked in at Mon Feb 21 14:04:43 CET 2011. -------- New Changes file: --- /dev/null 2010-08-26 16:28:41.000000000 +0200 +++ mumble/mumble.changes 2011-01-27 09:36:39.000000000 +0100 @@ -0,0 +1,144 @@ +------------------------------------------------------------------- +Thu Jan 27 08:36:21 UTC 2011 - lnussel@suse.de + +- change license tag to BSD3c (bnc#667547) + +------------------------------------------------------------------- +Thu Dec 23 13:28:42 UTC 2010 - lnussel@suse.de + +- fix build on sle11sp1 + +------------------------------------------------------------------- +Wed Dec 15 15:16:45 UTC 2010 - lnussel@suse.de + +- fix some rpmlint warnings + +------------------------------------------------------------------- +Fri Jul 16 08:03:31 UTC 2010 - lnussel@suse.de + +- fix crash with long user names (CVE-2010-2490) + +------------------------------------------------------------------- +Fri Apr 23 14:47:01 UTC 2010 - lnussel@suse.de + +- actually enable pulseaudio + +------------------------------------------------------------------- +Wed Feb 10 15:49:13 UTC 2010 - lnussel@suse.de + +- new version 1.2.2 + * new user information dialog + * new toolbar + * Improved connect speed to large servers with lots of users and comments (needs updated server) through use of local caching of content + * Servers using trusted certificates are now highlighted in green throughout the GUI. + * CELT version bump; possible quality improvements as a result, on certain configurations + * LOTRO, L4D2, and ArmA2 plugins + * Replaced user-textures with avatars to make overlay more useful + * Better overlay system on Win32 using the pipe method + * Numerous GUI improvements, including consolidating and reorganizing the main window menus + * Logitech G15 fixes and improvements + * Made friend and server window icons skinnable (emblem-favorite.svg, etc, see Skinning) + * server side database upgrade bug (only occured when updating from 1.1.8 directly to 1.2.1) + * Bonjour LAN server discovery and resolving works again + * G15 activation problems + * memory leak on certain configurations + +------------------------------------------------------------------- +Wed Jan 13 18:58:37 UTC 2010 - lnussel@suse.de + +- libcelt must be in /usr/lib/mumble rather than /usr/lib/mumble/plugins + +------------------------------------------------------------------- +Sun Jan 10 12:22:08 UTC 2010 - lnussel@suse.de + +- enable ice for fedora 12 + +------------------------------------------------------------------- +Sun Jan 10 09:27:07 UTC 2010 - lnussel@suse.de + +- add patch to fix 1.1.8 -> 1.2.1 server migration + +------------------------------------------------------------------- +Sat Jan 9 19:06:27 UTC 2010 - lnussel@suse.de + +- new version 1.2.0 +- add init script and user for server + +------------------------------------------------------------------- +Sat Dec 12 09:48:14 UTC 2009 - lnussel@suse.de + +- fix certificate wizard page order for Qt 4.4 + +------------------------------------------------------------------- +Fri Dec 11 14:57:13 UTC 2009 - lnussel@suse.de + +- new version 1.2.0 + +------------------------------------------------------------------- +Tue Jul 28 08:06:07 UTC 2009 - lnussel@suse.de + +- fix gcc warning in overlay_gl that causes build failure in Factory + +------------------------------------------------------------------- +Mon Mar 30 11:13:10 CEST 2009 - lnussel@suse.de + +- force use of bundled speex on 11.0 to fix build + +------------------------------------------------------------------- +Fri Mar 27 15:43:39 CET 2009 - lnussel@suse.de + +- new version 1.1.8 + +------------------------------------------------------------------- +Tue Feb 24 14:22:24 CET 2009 - lnussel@wachendorf.lan + +- mark server config as %config + +------------------------------------------------------------------- +Mon Feb 23 12:22:22 CET 2009 - lnussel@suse.de + +- new version 1.1.7 + +------------------------------------------------------------------- +Sun Jan 25 20:07:29 CET 2009 - lnussel@suse.de + +- filter glibc private symbols +- cleanup + +------------------------------------------------------------------- +Sat Jan 17 16:39:26 CET 2009 - lnussel@suse.de + +- add experimental patch to not use mice for shortcuts + +------------------------------------------------------------------- +Fri Sep 19 11:43:32 CEST 2008 - lnussel@suse.de + +- new version 1.1.6 + +------------------------------------------------------------------- +Fri Sep 5 16:52:37 CEST 2008 - lnussel@suse.de + +- enable pulseaudio on openSUSE +- change requirement for 10.3 qt4 bug workaround + +------------------------------------------------------------------- +Sat Jun 7 13:38:04 CEST 2008 - anschneider@suse.de + +- support openSUSE 10.2 + +------------------------------------------------------------------- +Tue May 13 18:14:04 CEST 2008 - lnussel@suse.de + +- new version 1.1.4 + * now with link plugin + +------------------------------------------------------------------- +Wed Mar 19 17:42:53 CET 2008 - lnussel@suse.de + +- split off server package + +------------------------------------------------------------------- +Fri Mar 14 10:49:24 CET 2008 - lnussel@suse.de + +- initial package version 1.1.3 + calling whatdependson for head-i586 New: ---- 0001-fix-build-error-with-capability.h.diff 0003-fix-long-username-query.patch 0004-fix-username-validation.patch baselibs.conf celt-0.10.0.tar.gz celt-0.7.0.tar.gz celt-0.9.0.tar.gz mumble-1.1.4-sle10glx.diff mumble-1.2.1-wizardpageorder.diff mumble-1.2.2-buildcompare.diff mumble-1.2.2.tar.gz mumble-1.2.2.tar.gz.sig mumble-server.init mumble-unstable-1.2.2.tar.bz2 mumble.changes mumble.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mumble.spec ++++++ # # spec file for package mumble # # Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # norootforbuild %if 0%{?suse_version} > 1100 %bcond_without pulseaudio %else %if 0%{?fedora_version} > 9 %bcond_without pulseaudio %else %bcond_with pulseaudio %endif %endif %if 0%{?fedora_version} > 11 %bcond_without ice %else %bcond_with ice %endif %bcond_without mumble11x %bcond_without bonjour %bcond_with system_celt %bcond_without system_speex Name: mumble BuildRequires: protobuf-devel %if %{with bonjour} %if 0%{?suse_version} %if 0%{?suse_version} > 1010 BuildRequires: avahi-compat-mDNSResponder-devel %endif %else BuildRequires: avahi-compat-libdns_sd-devel %endif %endif %if %{with system_celt} BuildRequires: libcelt-devel Requires: libcelt0 > 0.7.0 %endif BuildRequires: libsndfile-devel BuildRequires: libogg-devel BuildRequires: libcap-devel %if %{with system_speex} BuildRequires: speex-devel %endif BuildRequires: boost-devel gcc-c++ %if 0%{?suse_version} BuildRequires: alsa-devel libqt4-devel pkg-config update-desktop-files %if 0%{?suse_version} > 1020 BuildRequires: libopenssl-devel %else BuildRequires: openssl-devel %endif %endif %if 0%{?fedora_version} BuildRequires: alsa-lib-devel libXevie-devel openssl-devel pkgconfig qt4-devel %endif %if %{with ice} BuildRequires: ice-devel %endif %if 0%{?mandriva_version} BuildRequires: -alsa-plugins alsa-lib-devel libxevie-devel openssl-devel pkgconfig qt4-devel qt4-linguist BuildRequires: libxi-devel %endif %if %{with pulseaudio} BuildRequires: pulseaudio-devel %endif Version: 1.2.2%{?snapshot:_%snapshot} Release: 1 License: BSD3c Group: Productivity/Multimedia/Sound/Utilities %if 0%{?snapshot:1} Source: mumble-unstable-%{version}.tar.bz2 %else Source: http://downloads.sourceforge.net/project/mumble/Mumble/%{version}/mumble-%{version}.tar.gz Source1: http://downloads.sourceforge.net/project/mumble/Mumble/%{version}/mumble-%{version}.tar.gz.sig %endif Source2: mumble-server.init Patch0: mumble-1.2.1-wizardpageorder.diff Patch1: 0003-fix-long-username-query.patch Patch2: 0004-fix-username-validation.patch Patch3: 0001-fix-build-error-with-capability.h.diff Patch50: mumble-1.2.2-buildcompare.diff # hack, no clue about glx so no idea to fix this properly Patch99: mumble-1.1.4-sle10glx.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build Url: http://mumble.sourceforge.net/ Summary: Voice Communication Client for Gamers %if 0%{?suse_version} Requires: qt-sql-sqlite %if 0%{?suse_version} == 1030 #XXX: qt4 bug on 10.3 (bnc#370942) Requires: libqt4 > 4.3.1-23 %endif # 10.3 %if 0%{?suse_version} == 1100 # the version shipped on 11.0 is insufficient Requires: libspeex > 1.1.99.3 %endif # 11.0 %endif # suse_version %if 0%{?fedora_version} Requires: qt4-sqlite %endif %if 0%{?suse_version} > 1010 %ifarch x86_64 Recommends: %{name}-32bit Conflicts: %{name}-32bit < %{version} %endif %ifarch ppc Recommends: %{name}-64bit Conflicts: %{name}-64bit < %{version} %endif %endif # %if 0%{?snapshot:1} Conflicts: mumble < %version Provides: mumble = %version # %if !%{with system_celt} Source50: http://downloads.xiph.org/releases/celt/celt-0.7.0.tar.gz Source51: http://downloads.xiph.org/releases/celt/celt-0.9.0.tar.gz Source52: http://downloads.xiph.org/releases/celt/celt-0.10.0.tar.gz %endif %endif %description Low-latency, high-quality voice communication for gamers. Includes game linking, so voice from other players comes from the direction of their characters, and has echo cancellation so the sound from your loudspeakers won't be audible to other players. %package server License: BSD3c Summary: Voice Communication Server for Gamers Group: Productivity/Multimedia/Sound/Utilities Requires: qt-sql-sqlite PreReq: /usr/sbin/useradd %if 0%{?snapshot:1} Conflicts: mumble-server < %version Provides: mumble-server = %version %endif %description server Low-latency, high-quality voice communication for gamers. Includes game linking, so voice from other players comes from the direction of their characters, and has echo cancellation so the sound from your loudspeakers won't be audible to other players. %prep %setup -q %patch0 -p1 %patch1 -p1 %patch2 -p1 %patch3 -p1 # %patch50 -p1 %if 0%{?suse_version} && 0%{?suse_version} < 1020 %patch99 -p1 %endif %if %{with system_celt} # XXX celt 0.6 vs celt 0.7 #sed -i -e 's/celt_int32/celt_int32_t/g' src/mumble/Audio.* #sed -i -e 's/celt_int16/celt_int16_t/g' src/mumble/Audio.* %else %if 0%{?snapshot:1} tar -xzf %SOURCE50 sed -i -e 's/celt-0.6.1-build//;s/celt-0.6.2-build//' main.pro for v in 0.7.0 0.9.0 0.10.0; do rmdir celt-$v-src mv celt-$v celt-$v-src done %endif %endif # %if 0%{?mandriva_version} #XXX: dirty hack. QT_REQUIRE_VERSION doesn't work with -Wformat-security. should be fixed qt really sed -i -e '/QT_REQUIRE_VERSION/d' src/mumble/main.cpp src/mumble11x/main.cpp %endif # %build %if 0%{?fedora_version} ln -s /usr/bin/qmake-qt4 qmake ln -s /usr/bin/lrelease-qt4 lrelease ln -s /usr/bin/lupdate-qt4 lupdate export PATH=$PATH:$PWD %endif %if 0%{?mandriva_version} > 2006 export PATH=/usr/lib/qt4/bin:$PATH export QTDIR=%{_prefix}/lib/qt4/ %endif # # %if 0 # for not having to wait for compile when testing packaging stuff.. mkdir release touch release/mumble release/murmurd release/libmumble.so.1.1.1 %else %if 0%{?mandriva_version} # HACK: mandriva forgot to package qt translations if [ ! -e /usr/lib/qt4/translations/qt_de.qm ]; then sed -i -e '/QMAKE_EXTRA_TARGETS/s/copytrans//;/PRE_TARGETDEPS/s/qt_de\.qm//' src/mumble/mumble.pro sed -i -e '/qt_.*\.qm/d' src/mumble/mumble.qrc fi %endif # # temporary hack, remove! sed -i -e '/QMAKE_CFLAGS/s/-Woverloaded-virtual -Wold-style-cast//' compiler.pri qmake \ QMAKE_CFLAGS_RELEASE="%{optflags} -Wall" \ QMAKE_CXXFLAGS_RELEASE="%{optflags} -Wall" \ DEFINES*=NO_UPDATE_CHECK \ DEFINES*=MUMBLE_VERSION=%version \ DEFINES*=PLUGIN_PATH=%{_libdir}/mumble \ CONFIG*=packaged \ %if 0%{?suse_version} DEFINES*=SYSTEM_CA_DIR=/etc/ssl/certs \ %endif CONFIG*=no-g15 \ CONFIG*=no-embed-qt-translations \ CONFIG*=no-speechd \ %if !%{with ice} CONFIG*=no-ice \ %endif %if %{with system_celt} CONFIG*=no-bundled-celt \ %endif %if %{with system_speex} CONFIG*=no-bundled-speex \ %endif %if !%{with mumble11x} CONFIG*=no-11x \ %endif %if !%{with bonjour} CONFIG*=no-bonjour \ %endif %if !%{with pulseaudio} CONFIG*=no-pulseaudio \ %endif CONFIG*=no-crash-report \ -recursive # ### XXX: hack for incomplete dependencies make qmake %if 0 # that translation stuff is just broken # copy the available ones manually %if 0%{?suse_version} cp /usr/share/qt4/translations/qt_*.qm src/mumble # 10.3 doesn't have that one touch src/mumble/qt_pl.qm %endif make -C src/mumble mumble_en.qm %if !0%{?mandriva_version} make -C src/mumble qt_de.qm %endif # %endif ### # # deps for *.pb.cc are broken and fail for high -j so generate # them manually first for i in mumble murmur; do make -C src/$i -f Makefile.Release compiler_pb_make_all done make %{?jobs:-j%{jobs}} %endif %install # client install -d -m 0755 "%{buildroot}%{_bindir}" install -D -m 0755 release/mumble %{buildroot}%{_bindir}/mumble install -d -m 0755 "%{buildroot}%{_libdir}/mumble/plugins" install -m 0755 release/plugins/*.so "%{buildroot}%{_libdir}/mumble/plugins" %if !%{with system_celt} cp -a release/libcelt0.so.* "%{buildroot}%{_libdir}/mumble" %endif install -m 755 scripts/mumble-overlay "%{buildroot}%{_bindir}/mumble-overlay" install -d -m 0755 "%{buildroot}%{_mandir}/man1" install -m 0644 man/*.1 "%{buildroot}%{_mandir}/man1" # install -D -m 0644 icons/mumble.xpm "%{buildroot}%{_datadir}/pixmaps/mumble.xpm" #install -D -m 0644 icons/mumble.16x16.png "%{buildroot}%{_datadir}/icons/hicolor/16x16/apps/mumble.png" #install -D -m 0644 icons/mumble.32x32.png "%{buildroot}%{_datadir}/icons/hicolor/32x32/apps/mumble.png" #install -D -m 0644 icons/mumble.48x48.png "%{buildroot}%{_datadir}/icons/hicolor/48x48/apps/mumble.png" #install -D -m 0644 icons/mumble.64x64.png "%{buildroot}%{_datadir}/icons/hicolor/64x64/apps/mumble.png" install -D -m 0644 icons/mumble.svg "%{buildroot}%{_datadir}/icons/hicolor/scalable/apps/mumble.svg" # install -d -m0755 "%{buildroot}%{_libdir}/mumble" install -m0755 release/libmumble.so.*.*.* "%{buildroot}%{_libdir}/mumble" /sbin/ldconfig -n "%{buildroot}%{_libdir}/mumble" # %if %{with mumble11x} install -D -m 0755 release/mumble11x %{buildroot}%{_bindir}/mumble11x %else # XXX /bin/rm "%{buildroot}%{_mandir}"/man1/mumble11x* %endif # # server install -D -m 0755 release/murmurd "%{buildroot}%{_sbindir}/murmurd" install -D -m 0755 %{SOURCE2} %{buildroot}/etc/init.d/mumble-server ln -s /etc/init.d/mumble-server %{buildroot}%{_sbindir}/rcmumble-server install -D -m 0644 scripts/murmur.conf %{buildroot}%{_sysconfdir}/dbus-1/system.d/mumble-server.conf install -D -m 0644 scripts/murmur.ini %{buildroot}%{_sysconfdir}/mumble-server.ini # fix up config file sed -i -e 's/^dbus=session/dbus=system/' \ -e 's/#uname=/uname=mumble-server/' \ -e 's@#pidfile=@pidfile=/var/run/mumble-server/mumble-server.pid@' \ -e 's@#logfile=@logfile=/var/log/mumble-server/@' \ %{buildroot}%{_sysconfdir}/mumble-server.ini install -D -m 0755 scripts/murmur-user-wrapper %{buildroot}%{_bindir}/murmur-user-wrapper sed -i -e '/^SYSDIR=/s@=.*@%{_docdir}/%{name}/scripts@' %{buildroot}%{_bindir}/murmur-user-wrapper for i in log lib run; do install -d -m755 %buildroot/var/$i/mumble-server done # install -d %buildroot/%_datadir/applications %if 0%{?suse_version} sed 's/^Categories.*/Categories=X-SuSE-Core-Game;/' \ < scripts/mumble.desktop \ > %buildroot/%_datadir/applications/mumble.desktop %suse_update_desktop_file mumble %else install -m 644 scripts/mumble.desktop %buildroot/%_datadir/applications/mumble.desktop %endif %if %{with mumble11x} sed -e '/^Name=/s/$/ 1.1.x/;/^Exec=/s/$/11x/' \ < %buildroot/%_datadir/applications/mumble.desktop \ > %buildroot/%_datadir/applications/mumble11x.desktop %endif mkdir -p %{buildroot}%{_docdir}/%{name} cp -a scripts LICENSE README README.Linux %{buildroot}%{_docdir}/%{name} # %if 0%{?suse_version} >= 1130 %if 0%{?suse_version} == 1130 mkdir %buildroot/etc/tmpdirs.d/ cat >> %buildroot/etc/tmpdirs.d/50_mumble-server <<EOF #!/bin/sh while read t f m o g xxx; do [ "$t" = d ] || continue install -d -m $m -o $o -g $g $f done < /etc/tmpfiles.d/mumble-server.conf EOF %endif mkdir %buildroot/etc/tmpfiles.d cat >> %buildroot/etc/tmpfiles.d/mumble-server.conf <<EOF d /var/run/mumble-server 0755 mumble-server mumble-server - EOF %endif %clean rm -rf "%{buildroot}" %pre server getent group mumble-server >/dev/null || groupadd -r mumble-server || : getent passwd mumble-server >/dev/null || \ /usr/sbin/useradd -r -d /var/lib/mumble-server -s /bin/false -c "Mumble VoIP Server" -g mumble-server mumble-server 2> /dev/null || : %preun server %if 0%{?suse_version} %stop_on_removal mumble-server %endif %postun server %if 0%{?suse_version} %restart_on_update mumble-server %insserv_cleanup %endif %files %defattr(-, root, root) %exclude %{_docdir}/%{name}/scripts/murmur.ini %doc %{_docdir}/%{name} %{_bindir}/mumble %{_bindir}/mumble-overlay %{_mandir}/man1/mumble-overlay.* %{_mandir}/man1/mumble.* %if %{with mumble11x} %{_bindir}/mumble11x %{_mandir}/man1/mumble11x* %endif %dir %{_datadir}/icons/hicolor %dir %{_datadir}/icons/hicolor/* %dir %{_datadir}/icons/hicolor/*/apps %{_datadir}/icons/hicolor/*/apps/mumble.* %{_datadir}/pixmaps/* %{_datadir}/applications/* %{_libdir}/mumble %files server %defattr(-,root,root) %doc %{_docdir}/%{name}/scripts/murmur.ini %config %{_sysconfdir}/dbus-1/system.d/mumble-server.conf %config(noreplace) %{_sysconfdir}/mumble-server.ini /etc/init.d/mumble-server %{_sbindir}/rcmumble-server %{_sbindir}/murmurd %{_bindir}/murmur-user-wrapper %{_mandir}/man1/murmurd.* %{_mandir}/man1/murmur-user-wrapper.* %dir %attr(-,mumble-server,mumble-server) /var/lib/mumble-server %dir %attr(-,mumble-server,mumble-server) /var/log/mumble-server %if 0%{?suse_version} < 1130 %dir %attr(-,mumble-server,mumble-server) /var/run/mumble-server %else %if 0%{?suse_version} == 1130 %config /etc/tmpdirs.d/50_mumble-server %endif %config /etc/tmpfiles.d/mumble-server.conf %endif %changelog ++++++ 0001-fix-build-error-with-capability.h.diff ++++++
From 18b8b6d42c9e8ed2964a312a8134adb482585e03 Mon Sep 17 00:00:00 2001 From: Ludwig Nussel <ludwig.nussel@suse.de> Date: Thu, 23 Dec 2010 14:03:56 +0100 Subject: [PATCH] fix build error with capability.h
--- src/murmur/murmur_pch.h | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/src/murmur/murmur_pch.h b/src/murmur/murmur_pch.h index daf7884..27c38a1 100644 --- a/src/murmur/murmur_pch.h +++ b/src/murmur/murmur_pch.h @@ -56,6 +56,7 @@ extern "C" { #include <sys/time.h> #include <sys/resource.h> #ifdef Q_OS_LINUX +#include <linux/types.h> // needed to work around evil magic stuff in capability.h #include <sys/capability.h> #include <sys/prctl.h> #endif -- 1.7.1 ++++++ 0003-fix-long-username-query.patch ++++++ commit 6b33dda344f89e5a039b7d79eb43925040654242 Author: Benjamin Jemlich <pcgod@users.sourceforge.net> Date: Tue Jun 29 14:49:14 2010 +0200 Don't crash on long usernames diff --git a/src/murmur/Messages.cpp b/src/murmur/Messages.cpp index f12867a..de307ea 100644 --- a/src/murmur/Messages.cpp +++ b/src/murmur/Messages.cpp @@ -1231,6 +1231,9 @@ void Server::msgQueryUsers(ServerUser *uSource, MumbleProto::QueryUsers &msg) { for (int i=0;i<msg.names_size();++i) { QString name = u8(msg.names(i)); + if (!validateUserName(name)) { + continue; + } int id = getUserID(name); if (id >= 0) { name = getUserName(id); diff --git a/src/murmur/ServerDB.cpp b/src/murmur/ServerDB.cpp index 11b6906..7e15def 100644 --- a/src/murmur/ServerDB.cpp +++ b/src/murmur/ServerDB.cpp @@ -810,7 +810,7 @@ int Server::authenticate(QString &name, const QString &pw, const QStringList &em TransactionHolder th; QSqlQuery &query = *th.qsqQuery; - SQLPREP("SELECT `user_id`,`name`,`pw` FROM `%1users` WHERE `server_id` = ? AND `name` like ?"); + SQLPREP("SELECT `user_id`,`name`,`pw` FROM `%1users` WHERE `server_id` = ? AND LOWER(`name`) = LOWER(?)"); query.addBindValue(iServerNum); query.addBindValue(name); SQLEXEC(); @@ -1051,7 +1051,7 @@ int Server::getUserID(const QString &name) { TransactionHolder th; QSqlQuery &query = *th.qsqQuery; - SQLPREP("SELECT `user_id` FROM `%1users` WHERE `server_id` = ? AND `name` like ?"); + SQLPREP("SELECT `user_id` FROM `%1users` WHERE `server_id` = ? AND LOWER(`name`) = LOWER(?)"); query.addBindValue(iServerNum); query.addBindValue(name); SQLEXEC(); ++++++ 0004-fix-username-validation.patch ++++++ commit 5c40cfeb4b5f8911df926c19f2dd628703840f64 Author: Stefan Hacker <dd0t@users.sourceforge.net> Date: Tue Jun 29 23:39:16 2010 +0200 Don't validate the name before we are sure it wasn't already validated by an authenticator diff --git a/src/murmur/Messages.cpp b/src/murmur/Messages.cpp index de307ea..f12867a 100644 --- a/src/murmur/Messages.cpp +++ b/src/murmur/Messages.cpp @@ -1231,9 +1231,6 @@ void Server::msgQueryUsers(ServerUser *uSource, MumbleProto::QueryUsers &msg) { for (int i=0;i<msg.names_size();++i) { QString name = u8(msg.names(i)); - if (!validateUserName(name)) { - continue; - } int id = getUserID(name); if (id >= 0) { name = getUserName(id); diff --git a/src/murmur/ServerDB.cpp b/src/murmur/ServerDB.cpp index 7e15def..70b4ca4 100644 --- a/src/murmur/ServerDB.cpp +++ b/src/murmur/ServerDB.cpp @@ -1048,6 +1048,11 @@ int Server::getUserID(const QString &name) { qhUserNameCache.insert(id, name); return id; } + + if (!validateUserName(name)) { + return id; + } + TransactionHolder th; QSqlQuery &query = *th.qsqQuery; ++++++ baselibs.conf ++++++ mumble -/usr/lib/mumble/plugins ++++++ mumble-1.1.4-sle10glx.diff ++++++ Index: mumble-1.2.2/overlay_gl/overlay.c =================================================================== --- mumble-1.2.2.orig/overlay_gl/overlay.c +++ mumble-1.2.2/overlay_gl/overlay.c @@ -54,6 +54,9 @@ #include <math.h> #include <errno.h> +/* hack for sle10 */ +typedef void (*__GLXextFuncPtr)(void); + typedef unsigned char bool; #define true 1 #define false 0 ++++++ mumble-1.2.1-wizardpageorder.diff ++++++ Change Certificate Wizard page order to work around bug in Qt 4.4 Index: mumble-1.2.1/src/mumble/Cert.ui =================================================================== --- mumble-1.2.1.orig/src/mumble/Cert.ui +++ mumble-1.2.1/src/mumble/Cert.ui @@ -141,6 +141,76 @@ </item> </layout> </widget> + <widget class="CompletablePage" name="qwpNew"> + <property name="title"> + <string>New Certificate</string> + </property> + <property name="subTitle"> + <string>Generate a new certificate for strong authentication</string> + </property> + <attribute name="pageId"> + <string notr="true">1</string> + </attribute> + <layout class="QGridLayout" name="gridLayout_3"> + <item row="0" column="0" colspan="2"> + <widget class="QLabel" name="qlNewText"> + <property name="text"> + <string><p>Mumble will now generate a strong certificate for authentication to servers.</p><p>If you wish, you may provide some additional information to be stored in the certificate, which will be presented to servers when you connect. If you provide a valid email address, you can upgrade to a CA issued email certificate later on, which provides strong identification.</p></string> + </property> + <property name="wordWrap"> + <bool>true</bool> + </property> + </widget> + </item> + <item row="1" column="0"> + <widget class="QLabel" name="qlName"> + <property name="text"> + <string>Name</string> + </property> + <property name="buddy"> + <cstring>qleName</cstring> + </property> + </widget> + </item> + <item row="2" column="0"> + <widget class="QLabel" name="qlEmail"> + <property name="text"> + <string>Email</string> + </property> + <property name="buddy"> + <cstring>qleEmail</cstring> + </property> + </widget> + </item> + <item row="2" column="1"> + <widget class="QLineEdit" name="qleEmail"> + <property name="toolTip"> + <string>Your email address (e.g. johndoe@mumble.info)</string> + </property> + <property name="whatsThis"> + <string>This is your email address. It is strongly recommended to provide a valid email address, as this will allow you to upgrade to a strong certificate without authentication problems.</string> + </property> + </widget> + </item> + <item row="3" column="1"> + <widget class="QLabel" name="qlError"> + <property name="text"> + <string/> + </property> + </widget> + </item> + <item row="1" column="1"> + <widget class="QLineEdit" name="qleName"> + <property name="toolTip"> + <string>Your name (e.g. John Doe)</string> + </property> + <property name="whatsThis"> + <string>This is your name, and will be filled out in the certificate. This field is entirely optional.</string> + </property> + </widget> + </item> + </layout> + </widget> <widget class="CompletablePage" name="qwpImport"> <property name="title"> <string>Import Certificate</string> @@ -234,78 +304,6 @@ </item> </layout> </widget> - <widget class="QWizardPage" name="qwpReplace"> - <property name="title"> - <string>Replace Certificate</string> - </property> - <property name="subTitle"> - <string>Replace existing certificate with new certificate?</string> - </property> - <attribute name="pageId"> - <string notr="true">4</string> - </attribute> - <layout class="QGridLayout" name="gridLayout_2"> - <item row="0" column="0" colspan="2"> - <widget class="QLabel" name="qlReplace"> - <property name="enabled"> - <bool>true</bool> - </property> - <property name="text"> - <string><p>You already have a certificate stored in Mumble, and you are about to replace it.</p> -<p>If you are upgrading to a certificate issued to you by a trusted CA and the email addresses match your current certificate, this is completely safe, and servers you connect to will automatically recognize the strong certificate for your email address. -</p> -<p>If this is not the case, you will no longer be recognized by any server you previously have authenticated with. If you haven't been registered on any server yet, this is nothing to worry about. -</p> -<p> -Are you sure you wish to replace your certificate? -</p> -</string> - </property> - <property name="wordWrap"> - <bool>true</bool> - </property> - </widget> - </item> - <item row="1" column="0"> - <widget class="CertView" name="cvCurrent"> - <property name="sizePolicy"> - <sizepolicy hsizetype="Preferred" vsizetype="Preferred"> - <horstretch>1</horstretch> - <verstretch>0</verstretch> - </sizepolicy> - </property> - <property name="toolTip"> - <string>Current certificate</string> - </property> - <property name="whatsThis"> - <string>This is the certificate Mumble currently uses. It will be replaced.</string> - </property> - <property name="title"> - <string>Current Certificate</string> - </property> - </widget> - </item> - <item row="1" column="1"> - <widget class="CertView" name="cvNew"> - <property name="sizePolicy"> - <sizepolicy hsizetype="Preferred" vsizetype="Preferred"> - <horstretch>1</horstretch> - <verstretch>0</verstretch> - </sizepolicy> - </property> - <property name="toolTip"> - <string>New certificate</string> - </property> - <property name="whatsThis"> - <string>This is the new certificate that will replace the old one.</string> - </property> - <property name="title"> - <string>New Certificate</string> - </property> - </widget> - </item> - </layout> - </widget> <widget class="CompletablePage" name="qwpExport"> <property name="title"> <string>Export Certificate</string> @@ -374,21 +372,32 @@ Are you sure you wish to replace your ce </item> </layout> </widget> - <widget class="CompletablePage" name="qwpNew"> + <widget class="QWizardPage" name="qwpReplace"> <property name="title"> - <string>New Certificate</string> + <string>Replace Certificate</string> </property> <property name="subTitle"> - <string>Generate a new certificate for strong authentication</string> + <string>Replace existing certificate with new certificate?</string> </property> <attribute name="pageId"> - <string notr="true">1</string> + <string notr="true">4</string> </attribute> - <layout class="QGridLayout" name="gridLayout_3"> + <layout class="QGridLayout" name="gridLayout_2"> <item row="0" column="0" colspan="2"> - <widget class="QLabel" name="qlNewText"> + <widget class="QLabel" name="qlReplace"> + <property name="enabled"> + <bool>true</bool> + </property> <property name="text"> - <string><p>Mumble will now generate a strong certificate for authentication to servers.</p><p>If you wish, you may provide some additional information to be stored in the certificate, which will be presented to servers when you connect. If you provide a valid email address, you can upgrade to a CA issued email certificate later on, which provides strong identification.</p></string> + <string><p>You already have a certificate stored in Mumble, and you are about to replace it.</p> +<p>If you are upgrading to a certificate issued to you by a trusted CA and the email addresses match your current certificate, this is completely safe, and servers you connect to will automatically recognize the strong certificate for your email address. +</p> +<p>If this is not the case, you will no longer be recognized by any server you previously have authenticated with. If you haven't been registered on any server yet, this is nothing to worry about. +</p> +<p> +Are you sure you wish to replace your certificate? +</p> +</string> </property> <property name="wordWrap"> <bool>true</bool> @@ -396,49 +405,40 @@ Are you sure you wish to replace your ce </widget> </item> <item row="1" column="0"> - <widget class="QLabel" name="qlName"> - <property name="text"> - <string>Name</string> - </property> - <property name="buddy"> - <cstring>qleName</cstring> - </property> - </widget> - </item> - <item row="2" column="0"> - <widget class="QLabel" name="qlEmail"> - <property name="text"> - <string>Email</string> - </property> - <property name="buddy"> - <cstring>qleEmail</cstring> + <widget class="CertView" name="cvCurrent"> + <property name="sizePolicy"> + <sizepolicy hsizetype="Preferred" vsizetype="Preferred"> + <horstretch>1</horstretch> + <verstretch>0</verstretch> + </sizepolicy> </property> - </widget> - </item> - <item row="2" column="1"> - <widget class="QLineEdit" name="qleEmail"> <property name="toolTip"> - <string>Your email address (e.g. johndoe@mumble.info)</string> + <string>Current certificate</string> </property> <property name="whatsThis"> - <string>This is your email address. It is strongly recommended to provide a valid email address, as this will allow you to upgrade to a strong certificate without authentication problems.</string> + <string>This is the certificate Mumble currently uses. It will be replaced.</string> </property> - </widget> - </item> - <item row="3" column="1"> - <widget class="QLabel" name="qlError"> - <property name="text"> - <string/> + <property name="title"> + <string>Current Certificate</string> </property> </widget> </item> <item row="1" column="1"> - <widget class="QLineEdit" name="qleName"> + <widget class="CertView" name="cvNew"> + <property name="sizePolicy"> + <sizepolicy hsizetype="Preferred" vsizetype="Preferred"> + <horstretch>1</horstretch> + <verstretch>0</verstretch> + </sizepolicy> + </property> <property name="toolTip"> - <string>Your name (e.g. John Doe)</string> + <string>New certificate</string> </property> <property name="whatsThis"> - <string>This is your name, and will be filled out in the certificate. This field is entirely optional.</string> + <string>This is the new certificate that will replace the old one.</string> + </property> + <property name="title"> + <string>New Certificate</string> </property> </widget> </item> ++++++ mumble-1.2.2-buildcompare.diff ++++++ including __DATE__ and __TIME__ in packages breaks build-compare Index: mumble-1.2.2/src/mumble/VersionCheck.cpp =================================================================== --- mumble-1.2.2.orig/src/mumble/VersionCheck.cpp +++ mumble-1.2.2/src/mumble/VersionCheck.cpp @@ -41,8 +41,6 @@ VersionCheck::VersionCheck(bool autochec url.setPath(focus ? QLatin1String("/focus.php") : QLatin1String("/ver.php")); url.addQueryItem(QLatin1String("ver"), QLatin1String(QUrl::toPercentEncoding(QLatin1String(MUMBLE_RELEASE)))); - url.addQueryItem(QLatin1String("date"), QLatin1String(QUrl::toPercentEncoding(QLatin1String(__DATE__)))); - url.addQueryItem(QLatin1String("time"), QLatin1String(QUrl::toPercentEncoding(QLatin1String(__TIME__)))); #if defined(Q_OS_WIN) url.addQueryItem(QLatin1String("os"), QLatin1String("Win32")); #elif defined(Q_OS_MAC) ++++++ mumble-server.init ++++++ #! /bin/bash # ### BEGIN INIT INFO # Provides: mumble-server # Required-Start: $network $local_fs $remote_fs dbus # Required-Stop: $network $local_fs $remote_fs dbus # Should-Start: mysql # Should-Stop: mysql # Default-Start: 3 5 # Default-Stop: 0 1 2 6 # Short-Description: Mumble VoIP Server ### END INIT INFO PATH=/sbin:/bin:/usr/sbin:/usr/bin NAME=mumble-server PIDDIR=/var/run/$NAME PIDFILE=$PIDDIR/$NAME.pid DAEMON=/usr/sbin/murmurd USER=mumble-server GROUP=mumble-server INIFILE=/etc/mumble-server.ini DAEMON_OPTS="-ini $INIFILE" MURMUR_DAEMON_START=0 MURMUR_USE_CAPABILITIES=0 MURMUR_LIMIT_NOFILE=0 MURMUR_LIMIT_RTPRIO=0 # Include murmur defaults if available if [ -f /etc/default/$NAME ] ; then . /etc/default/$NAME fi . /etc/rc.status if [ "$MURMUR_LIMIT_NOFILE" -gt 0 ] ; then ulimit -n $MURMUR_LIMIT_NOFILE fi if [ "$MURMUR_LIMIT_RTPRIO" -gt 0 ]; then ulimit -r 1 fi case "$1" in start) echo -n "Starting $NAME " user=`sed -ne '/^uname=/s/.*=//p' < $INIFILE` if [ -z "$user" ]; then echo -n "${ext}No user configured in $INIFILE, refusing to run as root${norm}" rc_status -v 6 else eval HOME=~$user cd $HOME /sbin/start_daemon -p $PIDFILE -u $user $DAEMON $DAEMON_OPTS rc_status -v fi ;; stop) echo -n "Shutting down $NAME " killproc -p $PIDFILE -TERM $DAEMON rc_status -v ;; try-restart|condrestart) $0 status if test $? = 0; then $0 restart else rc_reset # Not running is not a failure. fi # Remember status and be quiet rc_status ;; restart) $0 stop $0 start rc_status ;; force-reload) $0 try-restart rc_status ;; reload) rc_failed 3 rc_status -v ;; status) echo -n "Checking for service $NAME " /sbin/checkproc $DAEMON rc_status -v ;; *) echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}" exit 1 ;; esac rc_exit ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org