Hello community, here is the log from the commit of package libmesode for openSUSE:Factory checked in at 2020-09-29 19:05:51 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libmesode (Old) and /work/SRC/openSUSE:Factory/.libmesode.new.4249 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "libmesode" Tue Sep 29 19:05:51 2020 rev:5 rq:838592 version:0.10.0 Changes: -------- --- /work/SRC/openSUSE:Factory/libmesode/libmesode.changes 2019-10-12 22:42:53.785757009 +0200 +++ /work/SRC/openSUSE:Factory/.libmesode.new.4249/libmesode.changes 2020-09-29 19:05:56.178061882 +0200 @@ -1,0 +2,11 @@ +Tue Sep 29 15:15:49 UTC 2020 - Michael Vetter <mvetter@suse.com> + +- Update to 0.10.0: + * New API: + - xmpp_stanza_get_child_by_name_and_ns() + - xmpp_stanza_new_from_string() + * Fixed issue with IPv6 on Windows (strophe/libstrophe#153) + * LibreSSL support + * Improved portability across systems such as Haiku, Windows + +------------------------------------------------------------------- Old: ---- 0.9.3.tar.gz New: ---- 0.10.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libmesode.spec ++++++ --- /var/tmp/diff_new_pack.QV8wMf/_old 2020-09-29 19:05:56.782062492 +0200 +++ /var/tmp/diff_new_pack.QV8wMf/_new 2020-09-29 19:05:56.790062501 +0200 @@ -1,7 +1,7 @@ # # spec file for package libmesode # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,12 +18,12 @@ %define c_lib libmesode0 Name: libmesode -Version: 0.9.3 +Version: 0.10.0 Release: 0 Summary: An XMPP library for C License: GPL-3.0-or-later OR MIT Group: Development/Libraries/C and C++ -Url: https://github.com/profanity-im/libmesode +URL: https://github.com/profanity-im/libmesode Source0: https://github.com/profanity-im/%{name}/archive/%{version}.tar.gz BuildRequires: autoconf BuildRequires: automake ++++++ 0.9.3.tar.gz -> 0.10.0.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libmesode-0.9.3/ChangeLog new/libmesode-0.10.0/ChangeLog --- old/libmesode-0.9.3/ChangeLog 2019-10-11 21:08:58.000000000 +0200 +++ new/libmesode-0.10.0/ChangeLog 2020-09-29 17:25:04.000000000 +0200 @@ -1,3 +1,11 @@ +0.10.0 + - New API: + - xmpp_stanza_get_child_by_name_and_ns() + - xmpp_stanza_new_from_string() + - Fixed issue with IPv6 on Windows (https://github.com/strophe/libstrophe/issues/153) + - LibreSSL support + - Improved portability across systems such as Haiku, Windows + 0.9.3 - PLAIN mechanism is used only when no other mechanisms are supported - Legacy authentication is disabled by default, can be enabled with diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libmesode-0.9.3/Makefile.am new/libmesode-0.10.0/Makefile.am --- old/libmesode-0.9.3/Makefile.am 2019-10-11 21:08:58.000000000 +0200 +++ new/libmesode-0.10.0/Makefile.am 2020-09-29 17:25:04.000000000 +0200 @@ -10,7 +10,8 @@ RESOLV_LIBS = @RESOLV_LIBS@ -MESODE_FLAGS = -I$(top_srcdir) -Wall -Wextra -Wno-unused-parameter +WARNING_FLAGS = @WARNING_FLAGS@ +MESODE_FLAGS = -I$(top_srcdir) $(WARNING_FLAGS) MESODE_LIBS = libmesode.la ## Main build targets diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libmesode-0.9.3/configure.ac new/libmesode-0.10.0/configure.ac --- old/libmesode-0.9.3/configure.ac 2019-10-11 21:08:58.000000000 +0200 +++ new/libmesode-0.10.0/configure.ac 2020-09-29 17:25:04.000000000 +0200 @@ -15,14 +15,21 @@ [*nto*|*qnx*], [PLATFORM="qnx"], [*solaris*], [PLATFORM="solaris"], [*android*], [PLATFORM="android"], + [*haiku*], [PLATFORM="haiku"], [PLATFORM="nix"]) +WARNING_FLAGS="-Wall" + +AS_CASE([$PLATFORM], + [haiku], [], + [WARNING_FLAGS="$WARNING_FLAGS -Wextra -Wno-unused-parameter"]) + PKG_CHECK_MODULES([expat], [expat >= 2.0.0], - [PC_REQUIRES+=(expat)], + [PC_REQUIRES="expat ${PC_REQUIRES}"], [AC_CHECK_HEADER([expat.h], [ expat_LIBS="-lexpat" - PC_LIBS+=($expat_LIBS) + PC_LIBS="${expat_LIBS} ${PC_LIBS}" ], [AC_MSG_ERROR([expat not found; expat required.])] ) @@ -34,6 +41,12 @@ AC_ARG_ENABLE([tls], [AS_HELP_STRING([--disable-tls], [disable TLS support])]) +AC_ARG_ENABLE([cares], + [AS_HELP_STRING([--enable-cares], [use c-ares for DNS resolution])]) + +AC_SEARCH_LIBS([socket], [network socket]) +AC_CHECK_FUNCS([snprintf vsnprintf]) +AC_CHECK_DECLS([va_copy], [], [], [#include <stdarg.h>]) if test "x$enable_tls" != xno; then PKG_CHECK_MODULES([openssl], [openssl], @@ -47,13 +60,14 @@ )]) fi -AC_SEARCH_LIBS([socket], [socket]) +AC_SEARCH_LIBS([socket], [network socket]) AS_CASE([$PLATFORM], [bsd], [RESOLV_LIBS=""], [qnx], [RESOLV_LIBS="-lsocket"], [solaris], [RESOLV_LIBS="-lresolv -lsocket -lnsl"], [android], [RESOLV_LIBS=""], + [haiku], [RESOLV_LIBS="-lnetwork"], [RESOLV_LIBS="-lresolv"]) LIBS_TMP="${LIBS}" @@ -91,5 +105,6 @@ AC_SUBST(PARSER_CFLAGS) AC_SUBST(PARSER_LIBS) AC_SUBST(RESOLV_LIBS) +AC_SUBST(WARNING_FLAGS) AC_CONFIG_FILES([Makefile libmesode.pc]) AC_OUTPUT diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libmesode-0.9.3/mesode.h new/libmesode-0.10.0/mesode.h --- old/libmesode-0.9.3/mesode.h 2019-10-11 21:08:58.000000000 +0200 +++ new/libmesode-0.10.0/mesode.h 2020-09-29 17:25:04.000000000 +0200 @@ -331,6 +331,7 @@ /* allocate and initialize a blank stanza */ xmpp_stanza_t *xmpp_stanza_new(xmpp_ctx_t *ctx); +xmpp_stanza_t *xmpp_stanza_new_from_string(xmpp_ctx_t *ctx, const char *str); /* clone a stanza */ xmpp_stanza_t *xmpp_stanza_clone(xmpp_stanza_t * const stanza); @@ -353,6 +354,9 @@ const char * const name); xmpp_stanza_t *xmpp_stanza_get_child_by_ns(xmpp_stanza_t * const stanza, const char * const ns); +xmpp_stanza_t *xmpp_stanza_get_child_by_name_and_ns(xmpp_stanza_t * const stanza, + const char * const name, + const char * const ns); xmpp_stanza_t *xmpp_stanza_get_next(xmpp_stanza_t * const stanza); int xmpp_stanza_add_child(xmpp_stanza_t *stanza, xmpp_stanza_t *child); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libmesode-0.9.3/src/common.h new/libmesode-0.10.0/src/common.h --- old/libmesode-0.9.3/src/common.h 2019-10-11 21:08:58.000000000 +0200 +++ new/libmesode-0.10.0/src/common.h 2020-09-29 17:25:04.000000000 +0200 @@ -132,6 +132,8 @@ }; }; +#define UNUSED(x) ((void)(x)) + #define MAX_DOMAIN_LEN 256 #define SASL_MASK_PLAIN (1 << 0) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libmesode-0.9.3/src/ctx.c new/libmesode-0.10.0/src/ctx.c --- old/libmesode-0.9.3/src/ctx.c 2019-10-11 21:08:58.000000000 +0200 +++ new/libmesode-0.10.0/src/ctx.c 2020-09-29 17:25:04.000000000 +0200 @@ -49,9 +49,10 @@ #include "common.h" #include "util.h" -/* Workaround for visual studio without va_copy support. */ -#if defined(_MSC_VER) && _MSC_VER < 1800 -#define va_copy(d,s) ((d) = (s)) +/* Workaround for systems without va_copy support. */ +#if defined(_MSC_VER) && _MSC_VER < 1800 || \ + !defined(_MSC_VER) && !defined(HAVE_DECL_VA_COPY) +#define va_copy(d, s) (memcpy(&d, &s, sizeof(va_list))) #endif /** Initialize the Strophe library. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libmesode-0.9.3/src/sock.c new/libmesode-0.10.0/src/sock.c --- old/libmesode-0.9.3/src/sock.c 2019-10-11 21:08:58.000000000 +0200 +++ new/libmesode-0.10.0/src/sock.c 2020-09-29 17:25:04.000000000 +0200 @@ -153,18 +153,18 @@ int sock_connect_error(const sock_t sock) { - struct sockaddr sa; + struct sockaddr_storage ss; + struct sockaddr *sa = (struct sockaddr *)&ss; socklen_t len; char temp; - memset(&sa, 0, sizeof(sa)); - sa.sa_family = AF_UNSPEC; - len = sizeof(sa); + memset(&ss, 0, sizeof(ss)); + len = sizeof(ss); + sa->sa_family = AF_UNSPEC; /* we don't actually care about the peer name, we're just checking if * we're connected or not */ - if (getpeername(sock, &sa, &len) == 0) - { + if (getpeername(sock, sa, &len) == 0) { return 0; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libmesode-0.9.3/src/stanza.c new/libmesode-0.10.0/src/stanza.c --- old/libmesode-0.9.3/src/stanza.c 2019-10-11 21:08:58.000000000 +0200 +++ new/libmesode-0.10.0/src/stanza.c 2020-09-29 17:25:04.000000000 +0200 @@ -22,6 +22,7 @@ #include "mesode.h" #include "common.h" #include "hash.h" +#include "parser.h" /** Create a stanza object. * This function allocates and initializes a blank stanza object. @@ -835,6 +836,39 @@ return child; } +/** Get the first child of stanza with name and a given namespace. + * This function searches all the immediate children of stanza for a child + * stanza that matches the name and namespace provided. + * The first matching child is returned. + * + * @param stanza a Strophe stanza object + * @param name a string with the name to match + * @param ns a string with the namespace to match + * + * @return the matching child stanza object or NULL if no match was found + * + * @ingroup Stanza + */ +xmpp_stanza_t *xmpp_stanza_get_child_by_name_and_ns(xmpp_stanza_t * const stanza, + const char * const name, + const char * const ns) +{ + xmpp_stanza_t *child; + const char *child_ns; + + for (child = stanza->children; child; child = child->next) { + if (child->type == XMPP_STANZA_TAG && + (strcmp(name, xmpp_stanza_get_name(child)) == 0)) { + child_ns = xmpp_stanza_get_ns(child); + if (child_ns && strcmp(ns, child_ns) == 0) { + break; + } + } + } + + return child; +} + /** Get the list of children. * This function returns the first child of the stanza object. The rest * of the children can be obtained by calling xmpp_stanza_get_next() to @@ -1353,3 +1387,59 @@ return error; } + +static void _stub_stream_start(char *name, char **attrs, void *userdata) +{ + UNUSED(name); + UNUSED(attrs); + UNUSED(userdata); +} + +static void _stub_stream_end(char *name, void *userdata) +{ + UNUSED(name); + UNUSED(userdata); +} + +static void _stream_stanza(xmpp_stanza_t *stanza, void *userdata) +{ + stanza = xmpp_stanza_clone(stanza); + *(xmpp_stanza_t **)userdata = stanza; +} + +/** Create a stanza object from the string. + * This function allocates and initializes a stanza object which represents + * stanza located in the string. + * The stanza will have a reference count of one, so the caller does not + * need to clone it. + * + * @param ctx a Strophe context object + * @param str stanza in NULL terminated string representation + * + * @return a stanza object or NULL on an error + * + * @ingroup Stanza + */ +xmpp_stanza_t *xmpp_stanza_new_from_string(xmpp_ctx_t *ctx, const char *str) +{ + xmpp_stanza_t *stanza = NULL; + parser_t *parser; + int ret; + + static const char *start = "<stream>"; + static const char *end = "</stream>"; + + parser = parser_new(ctx, _stub_stream_start, _stub_stream_end, + _stream_stanza, &stanza); + if (parser) { + ret = parser_feed(parser, (char *)start, strlen(start)) && + parser_feed(parser, (char *)str, strlen(str)) && + parser_feed(parser, (char *)end, strlen(end)); + parser_free(parser); + if (!ret && stanza) { + xmpp_stanza_release(stanza); + stanza = NULL; + } + } + return stanza; +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libmesode-0.9.3/src/tls_openssl.c new/libmesode-0.10.0/src/tls_openssl.c --- old/libmesode-0.9.3/src/tls_openssl.c 2019-10-11 21:08:58.000000000 +0200 +++ new/libmesode-0.10.0/src/tls_openssl.c 2020-09-29 17:25:04.000000000 +0200 @@ -27,6 +27,22 @@ #include "tls.h" #include "sock.h" +/* + * Redefine OPENSSL_VERSION_NUMBER for LibreSSL. + * LibreSSL and OpenSSL use different and incompatible version schemes. Solve + * this issue in the way how nginx project did. + */ +#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L) +#undef OPENSSL_VERSION_NUMBER +#if (LIBRESSL_VERSION_NUMBER >= 0x2080000fL) +#define OPENSSL_VERSION_NUMBER 0x1010000fL +#elif (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) +#define OPENSSL_VERSION_NUMBER 0x1000200fL +#else +#define OPENSSL_VERSION_NUMBER 0x1000107fL +#endif +#endif + struct _tls { xmpp_ctx_t *ctx; sock_t sock; @@ -126,49 +142,69 @@ static struct _tlscert_t *_x509_to_tlscert(xmpp_ctx_t *ctx, X509 *cert) { + struct _tlscert_t *tlscert; + X509_NAME *subject; + char *subjectline; + X509_NAME *issuer; + char *issuerline; + ASN1_TIME *notbefore; + char notbefore_str[128]; + ASN1_TIME *notafter; + char notafter_str[128]; + int res; + const EVP_MD *digest; + unsigned char buf[20]; + unsigned len; + int rc; + ASN1_INTEGER *serial = X509_get_serialNumber(cert); + BIGNUM *bn = ASN1_INTEGER_to_BN(serial, NULL); +#if OPENSSL_VERSION_NUMBER < 0x10100000L + int alg_nid; +#else + X509_PUBKEY *pubkey; + ASN1_OBJECT *ppkalg; + int alg_nid; +#endif + if (!cert) { return NULL; } - struct _tlscert_t *tlscert = xmpp_alloc(ctx, sizeof(*tlscert)); + tlscert = xmpp_alloc(ctx, sizeof(*tlscert)); tlscert->subjectname = NULL; - X509_NAME *subject = X509_get_subject_name(cert); - char *subjectline = X509_NAME_oneline(subject, NULL, 0); + subject = X509_get_subject_name(cert); + subjectline = X509_NAME_oneline(subject, NULL, 0); if (subjectline) { tlscert->subjectname = xmpp_strdup(ctx, subjectline); OPENSSL_free(subjectline); } tlscert->issuername = NULL; - X509_NAME *issuer = X509_get_issuer_name(cert); - char *issuerline = X509_NAME_oneline(issuer, NULL, 0); + issuer = X509_get_issuer_name(cert); + issuerline = X509_NAME_oneline(issuer, NULL, 0); if (issuerline) { tlscert->issuername = xmpp_strdup(ctx, issuerline); OPENSSL_free(issuerline); } tlscert->notbefore = NULL; - ASN1_TIME *notbefore = X509_get_notBefore(cert); - char notbefore_str[128]; - int res = convert_ASN1TIME(notbefore, notbefore_str, 128); + notbefore = X509_get_notBefore(cert); + res = convert_ASN1TIME(notbefore, notbefore_str, 128); if (res) { tlscert->notbefore = xmpp_strdup(ctx, notbefore_str); } tlscert->notafter = NULL; - ASN1_TIME *notafter = X509_get_notAfter(cert); - char notafter_str[128]; + notafter = X509_get_notAfter(cert); res = convert_ASN1TIME(notafter, notafter_str, 128); if (res) { tlscert->notafter = xmpp_strdup(ctx, notafter_str); } tlscert->fingerprint = NULL; - const EVP_MD *digest = EVP_sha1(); - unsigned char buf[20]; - unsigned len; - int rc = X509_digest(cert, digest, (unsigned char*) buf, &len); + digest = EVP_sha1(); + rc = X509_digest(cert, digest, (unsigned char*) buf, &len); if (rc != 0 && len == 20) { char fingerprint[2*20+1]; _hex_encode(buf, fingerprint, 20); @@ -178,8 +214,8 @@ tlscert->version = ((int) X509_get_version(cert)) + 1; tlscert->serialnumber = NULL; - ASN1_INTEGER *serial = X509_get_serialNumber(cert); - BIGNUM *bn = ASN1_INTEGER_to_BN(serial, NULL); + serial = X509_get_serialNumber(cert); + bn = ASN1_INTEGER_to_BN(serial, NULL); if (bn) { char *serialnumber = BN_bn2dec(bn); if (serialnumber) { @@ -193,11 +229,11 @@ tlscert->keyalg = NULL; #if OPENSSL_VERSION_NUMBER < 0x10100000L - int alg_nid = OBJ_obj2nid(cert->cert_info->key->algor->algorithm); + alg_nid = OBJ_obj2nid(cert->cert_info->key->algor->algorithm); #else - X509_PUBKEY *pubkey = X509_get_X509_PUBKEY(cert); - ASN1_OBJECT *ppkalg = NULL; - int alg_nid = NID_undef; + pubkey = X509_get_X509_PUBKEY(cert); + ppkalg = NULL; + alg_nid = NID_undef; res = X509_PUBKEY_get0_param(&ppkalg, NULL, NULL, NULL, pubkey); if (res) { alg_nid = OBJ_obj2nid(ppkalg); @@ -254,11 +290,14 @@ } else { int err = X509_STORE_CTX_get_error(x509_ctx); const char *errstr = X509_verify_cert_error_string(err); + X509 *user_cert; + struct _tlscert_t *tlscert; + int cb_res; xmpp_debug(_xmppctx, "TLS", "ERROR: %s", errstr); - X509 *user_cert = sk_X509_value(sk, 0); - struct _tlscert_t *tlscert = _x509_to_tlscert(_xmppctx, user_cert); - int cb_res = 0; + user_cert = sk_X509_value(sk, 0); + tlscert = _x509_to_tlscert(_xmppctx, user_cert); + cb_res = 0; if (_certfail_handler) { cb_res = _certfail_handler(tlscert, errstr); } @@ -290,17 +329,22 @@ //tls_t *tls_new(xmpp_ctx_t *ctx, sock_t sock, xmpp_certfail_handler certfail_handler, char *tls_cert_path) tls_t *tls_new(xmpp_conn_t *conn) { + tls_t *tls; + int mode; _xmppctx = conn->ctx; _certfail_handler = conn->certfail_handler; _cert_handled = 0; _last_cb_res = 0; - tls_t *tls = xmpp_alloc(conn->ctx, sizeof(*tls)); - int mode; + tls = xmpp_alloc(conn->ctx, sizeof(*tls)); xmpp_debug(conn->ctx, "TLS", "OpenSSL version: %s", SSLeay_version(SSLEAY_VERSION)); if (tls) { int ret; +#if OPENSSL_VERSION_NUMBER >= 0x10002000L + /* Hostname verification is supported in OpenSSL 1.0.2 and newer. */ + X509_VERIFY_PARAM *param; +#endif memset(tls, 0, sizeof(*tls)); tls->ctx = conn->ctx; @@ -320,6 +364,7 @@ SSL_CTX_set_client_cert_cb(tls->ssl_ctx, NULL); SSL_CTX_set_mode(tls->ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE); SSL_CTX_set_verify(tls->ssl_ctx, SSL_VERIFY_PEER, verify_callback); + SSL_CTX_set_default_verify_paths(tls->ssl_ctx); if (conn->tls_cert_path) { SSL_CTX_load_verify_locations(tls->ssl_ctx, NULL, conn->tls_cert_path); } @@ -333,7 +378,7 @@ SSL_set_verify(tls->ssl, mode, 0); #if OPENSSL_VERSION_NUMBER >= 0x10002000L /* Hostname verification is supported in OpenSSL 1.0.2 and newer. */ - X509_VERIFY_PARAM *param = SSL_get0_param(tls->ssl); + param = SSL_get0_param(tls->ssl); /* * Allow only complete wildcards. RFC 6125 discourages wildcard usage