Hello community,
here is the log from the commit of package jabberd
checked in at Wed May 31 17:03:52 CEST 2006.
--------
--- jabberd/jabberd.changes 2006-01-25 21:36:45.000000000 +0100
+++ jabberd/jabberd.changes 2006-05-31 15:54:28.000000000 +0200
@@ -1,0 +2,26 @@
+Wed May 31 15:26:04 CEST 2006 - max@suse.de
+
+- Updated to version 2.0s11, fixing a remote DoS vulnerability.
+
+- Build the storage and authreg drivers as loadable modules
+ (jabberd-dbmodules.patch).
+
+- Skip automatic dependency generation for the modules to avoid
+ the requiremet for mini subpackages only containing a single
+ small shared library.
+
+- Enable all possible storage and authreg modules, now that we
+ have the flexibility.
+
+- Added jabberd-README.SUSE to explain the new module concept.
+
+- Use an installed copy of expat (jabberd-expat.patch).
+
+- Support authentication via SQLite (jabberd-sqlite.patch).
+
+- Make PostgreSQL connection credencials optional
+ (jabberd-pgsql.patch).
+
+- Create a user and group so that the server doesn't run as root.
+
+-------------------------------------------------------------------
Old:
----
jabberd-2.0s10.tar.bz2
New:
----
jabberd-2.0s11.tar.bz2
jabberd-README.SUSE
jabberd-dbmodules.patch
jabberd-expat.patch
jabberd-pgsql.patch
jabberd-sqlite.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ jabberd.spec ++++++
--- /var/tmp/diff_new_pack.M6jcKb/_old 2006-05-31 17:03:11.000000000 +0200
+++ /var/tmp/diff_new_pack.M6jcKb/_new 2006-05-31 17:03:11.000000000 +0200
@@ -1,18 +1,20 @@
#
-# spec file for package jabberd (Version 2.0s10)
+# spec file for package jabberd (Version 2.0s11)
#
# Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
# package are under the same license as the package itself.
#
-# Please submit bugfixes or comments via http://bugs.opensuse.org
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# norootforbuild
Name: jabberd
-BuildRequires: db-devel krb5-devel libidn-devel mysql-devel openldap2 openldap2-devel pam-devel
-Version: 2.0s10
+BuildRequires: expat openssl-devel postgresql-devel sqlite-devel
+BuildRequires: db-devel krb5-devel libidn-devel mysql-devel
+BuildRequires: openldap2 openldap2-devel pam-devel
+Version: 2.0s11
Release: 1
URL: http://jabberd.jabberstudio.org/
Group: Productivity/Networking/Other
@@ -21,13 +23,20 @@
Source: %{name}-%{version}.tar.bz2
Source1: jabberd.init
Source2: jabberd.pam
+Source3: jabberd-README.SUSE
+Patch1: jabberd-sqlite.patch
+Patch2: jabberd-pgsql.patch
+Patch3: jabberd-dbmodules.patch
+Patch9: jabberd-expat.patch
# Needed for init script,
Requires: net-tools
+PreReq: /usr/sbin/useradd /usr/sbin/groupadd
+PreReq: %insserv_prereq
Autoreqprov: on
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
-Jabber Open Source Server.
+Jabber open source server.
@@ -56,35 +65,75 @@
Albert Chin
%prep
-%setup
+%setup -q
+rm -rf expat
+cp -a %SOURCE3 README.SUSE
+%patch1
+%patch2
+%patch3
+%patch9
%build
+%{?suse_update_config:%suse_update_config}
+autoreconf --force --install
export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -DLDAP_DEPRECATED"
-# If you want to compile for postgreSQL, add postgresql-libs postgresql-devel to neededforbuild and
-# "--enable-pgsql --with-extra-include-path=/usr/include/pgsql" and optionally "--disable-mysql"
./configure\
- --prefix=/usr\
- --sysconfdir=/etc\
- --localstatedir=/var/lib\
- --mandir=/usr/share/man\
- --enable-db --enable-ldap --enable-pam --enable-pipe --enable-anon --enable-fs
+ --prefix=/usr \
+ --libdir=%_libdir \
+ --sysconfdir=/etc \
+ --localstatedir=/var/lib \
+ --mandir=/usr/share/man \
+ --enable-mysql \
+ --enable-pgsql \
+ --with-extra-include-path=/usr/include/pgsql \
+ --enable-sqlite \
+ --enable-db \
+ --enable-ldap \
+ --enable-pam \
+ --enable-pipe \
+ --enable-anon \
+ --enable-fs
make
%install
-rm -rf $RPM_BUILD_ROOT
-make DESTDIR=$RPM_BUILD_ROOT install
-mkdir -p $RPM_BUILD_ROOT/etc/{init,pam}.d $RPM_BUILD_ROOT/usr/sbin
-install %{S:1} $RPM_BUILD_ROOT/etc/init.d/jabberd
-install -m0644 %{S:2} $RPM_BUILD_ROOT/etc/pam.d/jabberd
-ln -s ../../etc/init.d/jabberd $RPM_BUILD_ROOT/usr/sbin/rcjabberd
-mkdir -p $RPM_BUILD_ROOT/var/lib/jabberd/db $RPM_BUILD_ROOT/var/lib/jabberd/pid
+make DESTDIR=%buildroot install
+install -d -m750 %buildroot/etc/{init,pam}.d %buildroot/usr/sbin
+install %{S:1} %buildroot/etc/init.d/jabberd
+install -m0644 %{S:2} %buildroot/etc/pam.d/jabberd
+ln -s /etc/init.d/jabberd %buildroot/usr/sbin/rcjabberd
+mkdir -p %buildroot/var/lib/jabberd/{db,pid}
+# .la files are not needed for loadable modules.
+rm -f %buildroot%_libdir/%name/*.la
+# keep the dependencies of the database plugins out of the requires list
+%define my_requires /tmp/my-requires
+cat << EOF > %my_requires
+#!/bin/sh
+fgrep -v %_libdir/%name | %__find_requires
+EOF
+chmod 755 %my_requires
+%define __find_requires %my_requires
%clean
-rm -rf $RPM_BUILD_ROOT
+rm -rf %buildroot
+
+%pre
+groupadd --system jabber 2>/dev/null ||:
+useradd --system --gid jabber --comment "Jabber Server" \
+ --home /var/lib/jabberd --shell /bin/false jabber 2>/dev/null ||:
+exit 0
+
+%preun
+%{?stop_on_removal:%stop_on_removal jabberd}
+exit 0
+
+%postun
+%{?insserv_cleanup:%insserv_cleanup}
+exit 0
%files
-%defattr (-, root, root)
+%defattr (-, root, root, -)
%doc AUTHORS COPYING ChangeLog NEWS PROTOCOL README TODO
+%doc README.SUSE tools/db-*
/etc/init.d/*
%config /etc/pam.d/*
%dir /etc/jabberd
@@ -97,12 +146,27 @@
/etc/jabberd/templates/*.xml.dist
/usr/bin/*
/usr/sbin/*
-%doc /usr/share/man/man?/*.*
-%dir /var/lib/jabberd
-%dir /var/lib/jabberd/db
-%dir /var/lib/jabberd/pid
+%_libdir/%name
+%doc /usr/share/man/*/*
+%defattr (-, jabber, jabber, -)
+/var/lib/jabberd
%changelog -n jabberd
+* Wed May 31 2006 - max@suse.de
+- Updated to version 2.0s11, fixing a remote DoS vulnerability.
+- Build the storage and authreg drivers as loadable modules
+ (jabberd-dbmodules.patch).
+- Skip automatic dependency generation for the modules to avoid
+ the requiremet for mini subpackages only containing a single
+ small shared library.
+- Enable all possible storage and authreg modules, now that we
+ have the flexibility.
+- Added jabberd-README.SUSE to explain the new module concept.
+- Use an installed copy of expat (jabberd-expat.patch).
+- Support authentication via SQLite (jabberd-sqlite.patch).
+- Make PostgreSQL connection credencials optional
+ (jabberd-pgsql.patch).
+- Create a user and group so that the server doesn't run as root.
* Wed Jan 25 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
* Tue Jan 10 2006 - sbrabec@suse.cz
++++++ jabberd-2.0s10.tar.bz2 -> jabberd-2.0s11.tar.bz2 ++++++
++++ 11122 lines of diff (skipped)
++++ retrying with extended exclude list
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/jabberd-2.0s10/PROTOCOL new/jabberd-2.0s11/PROTOCOL
--- old/jabberd-2.0s10/PROTOCOL 2005-10-04 08:44:07.000000000 +0200
+++ new/jabberd-2.0s11/PROTOCOL 2006-03-09 08:51:21.000000000 +0100
@@ -10,7 +10,7 @@
This document lists the protocols supported by the server, and any notes
relating to the implementation.
-This is current as of 2005-10-04 (jabberd 2.0s10).
+This is current as of 2005-10-04 (jabberd 2.0s11).
XMPP
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/jabberd-2.0s10/README new/jabberd-2.0s11/README
--- old/jabberd-2.0s10/README 2005-10-04 08:43:12.000000000 +0200
+++ new/jabberd-2.0s11/README 2006-03-09 08:51:07.000000000 +0100
@@ -1,4 +1,4 @@
-README for Jabber Open Source Server (2.0s10)
+README for Jabber Open Source Server (2.0s11)
Thanks for downloading jabberd 2.0. Below are some basic instructions to
get you started. Complete documentation is available at
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/jabberd-2.0s10/configure.in new/jabberd-2.0s11/configure.in
--- old/jabberd-2.0s10/configure.in 2005-10-04 08:42:58.000000000 +0200
+++ new/jabberd-2.0s11/configure.in 2006-03-09 08:50:54.000000000 +0100
@@ -1,5 +1,5 @@
dnl jabberd2 configure script
-dnl $Id: configure.in,v 1.79.2.36 2005/08/21 10:01:58 zion Exp $
+dnl $Id: configure.in,v 1.79.2.37 2005/10/29 20:30:16 zion Exp $
dnl
dnl autoconf setup
@@ -8,7 +8,7 @@
AC_PREREQ(2.57)
dnl startup
-AC_INIT(jabberd, 2.0s10)
+AC_INIT(jabberd, 2.0s11)
AM_INIT_AUTOMAKE
dnl copyright
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/jabberd-2.0s10/scod/scod.c new/jabberd-2.0s11/scod/scod.c
--- old/jabberd-2.0s10/scod/scod.c 2003-10-28 05:53:43.000000000 +0100
+++ new/jabberd-2.0s11/scod/scod.c 2005-10-29 22:23:57.000000000 +0200
@@ -279,7 +279,10 @@
int scod_server_step(scod_t sd, const char *resp, int resplen, char **chal, int *challen) {
int ret;
- assert((int) sd);
+ /* Check that auth has actually begun */
+ if(sd == NULL)
+ return sd_err_UNKNOWN_MECH;
+
assert((int) resp);
assert((int) chal);
assert((int) challen);
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/jabberd-2.0s10/sx/sasl.c new/jabberd-2.0s11/sx/sasl.c
--- old/jabberd-2.0s10/sx/sasl.c 2005-07-26 09:28:15.000000000 +0200
+++ new/jabberd-2.0s11/sx/sasl.c 2005-10-29 22:23:57.000000000 +0200
@@ -211,7 +211,7 @@
static void _sx_sasl_client_process(sx_t s, sx_plugin_t p, scod_t sd, char *mech, char *in, int inlen) {
_sx_sasl_t ctx = (_sx_sasl_t) p->private;
char realm[256];
- char *buf, *out;
+ char *buf = NULL, *out = NULL;
int buflen, outlen, ret;
if(mech != NULL) {
++++++ jabberd-dbmodules.patch ++++++
++++ 642 lines (skipped)
++++++ jabberd-expat.patch ++++++
--- Makefile.am
+++ Makefile.am
@@ -1,6 +1,6 @@
EXTRA_DIST = PROTOCOL Doxyfile.in README.win32 contrib
-SUBDIRS = etc tools man expat mio scod subst sx util c2s resolver router s2s sm
+SUBDIRS = etc tools man mio scod subst sx util c2s resolver router s2s sm
docs: Doxyfile
@doxygen
--- c2s/Makefile.am
+++ c2s/Makefile.am
@@ -10,7 +10,7 @@
$(top_builddir)/mio/libmio.la \
$(top_builddir)/util/libutil.la \
$(top_builddir)/subst/libsubst.la \
- $(top_builddir)/expat/libexpat.la
+ -lexpat
MODULE_LDFLAGS = -module -avoid-version
--- configure.in
+++ configure.in
@@ -791,7 +791,6 @@
etc/templates/Makefile \
tools/Makefile \
man/Makefile \
- expat/Makefile \
mio/Makefile \
scod/Makefile \
subst/Makefile \
--- resolver/Makefile.am
+++ resolver/Makefile.am
@@ -10,4 +10,4 @@
$(top_builddir)/mio/libmio.la \
$(top_builddir)/util/libutil.la \
$(top_builddir)/subst/libsubst.la \
- $(top_builddir)/expat/libexpat.la
+ -lexpat
--- router/Makefile.am
+++ router/Makefile.am
@@ -10,4 +10,4 @@
$(top_builddir)/mio/libmio.la \
$(top_builddir)/util/libutil.la \
$(top_builddir)/subst/libsubst.la \
- $(top_builddir)/expat/libexpat.la
+ -lexpat
\ No newline at end of file
--- s2s/Makefile.am
+++ s2s/Makefile.am
@@ -10,4 +10,4 @@
$(top_builddir)/mio/libmio.la \
$(top_builddir)/util/libutil.la \
$(top_builddir)/subst/libsubst.la \
- $(top_builddir)/expat/libexpat.la
+ -lexpat
--- sm/Makefile.am
+++ sm/Makefile.am
@@ -42,7 +42,7 @@
$(top_builddir)/mio/libmio.la \
$(top_builddir)/util/libutil.la \
$(top_builddir)/subst/libsubst.la \
- $(top_builddir)/expat/libexpat.la
+ -lexpat
sm_LDFLAGS = -export-dynamic
--- sx/sx.h
+++ sx/sx.h
@@ -27,7 +27,7 @@
#include "ac-stdint.h"
-#include
+#include
#include
#ifdef __cplusplus
--- util/config.c
+++ util/config.c
@@ -19,7 +19,7 @@
*/
#include "util.h"
-#include "expat/expat.h"
+#include
/** new config structure */
config_t config_new(void)
--- util/nad.c
+++ util/nad.c
@@ -35,7 +35,7 @@
#include "util.h"
#ifdef HAVE_EXPAT
-#include "expat/expat.h"
+#include
#endif
/* define NAD_DEBUG to get pointer tracking - great for weird bugs that you can't reproduce */
++++++ jabberd-pgsql.patch ++++++
--- c2s/authreg_pgsql.c
+++ c2s/authreg_pgsql.c
@@ -500,11 +500,6 @@
user = config_get_one(ar->c2s->config, "authreg.pgsql.user", 0);
pass = config_get_one(ar->c2s->config, "authreg.pgsql.pass", 0);
- if(host == NULL || port == NULL || dbname == NULL || user == NULL || pass == NULL) {
- log_write(ar->c2s->log, LOG_ERR, "pgsql: invalid module config");
- return 1;
- }
-
log_debug( ZONE, "pgsql connecting as '%s' to database '%s' on %s:%s", user, dbname, host, port );
conn = PQsetdbLogin(host, port, NULL, NULL, dbname, user, pass);
--- resolver/dns.c
+++ resolver/dns.c
@@ -72,7 +72,7 @@
/* unix implementation */
-#ifdef HAVE_RES_QUERY
+#if defined(HAVE_RES_QUERY) || defined(HAVE___RES_QUERY)
/* older systems might not have these */
#ifndef T_SRV
--- sm/storage_pgsql.c
+++ sm/storage_pgsql.c
@@ -599,11 +599,6 @@
user = config_get_one(drv->st->sm->config, "storage.pgsql.user", 0);
pass = config_get_one(drv->st->sm->config, "storage.pgsql.pass", 0);
- if(host == NULL || port == NULL || dbname == NULL || user == NULL || pass == NULL) {
- log_write(drv->st->sm->log, LOG_ERR, "pgsql: invalid driver config");
- return st_FAILED;
- }
-
conn = PQsetdbLogin(host, port, NULL, NULL, dbname, user, pass);
if(conn == NULL) {
log_write(drv->st->sm->log, LOG_ERR, "pgsql: unable to allocate database connection state");
++++++ jabberd-sqlite.patch ++++++
++++ 689 lines (skipped)
++++++ jabberd.init ++++++
--- jabberd/jabberd.init 2005-09-06 13:52:03.000000000 +0200
+++ jabberd/jabberd.init 2006-04-12 12:22:49.000000000 +0200
@@ -88,6 +88,7 @@
# description: jabberd2 is the next generation of the jabberd server
# chkconfig: 2345 85 15
#
+
progs="router resolver sm c2s s2s"
progsPath="/usr/bin"
confPath="/etc/jabberd"
@@ -173,7 +174,7 @@
rm -f /var/lock/subsys/${prog}
rm -f ${pidPath}/${prog}.pid
args="-c ${confPath}/${prog}.xml"
- ${progsPath}/${prog} ${args} & 2> /dev/null
+ startproc -u jabber -p ${pidPath}/${prog}.pid -q ${progsPath}/${prog} ${args}
retval=$?
if [ ${retval} == 0 ]; then
StatusOK
@@ -193,7 +194,7 @@
echo "Terminating jabberd processes..."
for prog in ${progs}; do
echo -ne "\tStopping ${prog} "
- killproc ${prog}
+ killproc -p ${pidPath}/${prog}.pid ${prog}
retval=$?
if [ ${retval} == 0 ]; then
StatusOK
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...