Hello community,
here is the log from the commit of package libsoup
checked in at Fri Sep 12 22:14:33 CEST 2008.
--------
--- GNOME/libsoup/libsoup.changes 2008-09-02 04:53:58.000000000 +0200
+++ libsoup/libsoup.changes 2008-09-12 07:52:58.000000000 +0200
@@ -1,0 +2,7 @@
+Fri Sep 12 00:51:39 CDT 2008 - maw@suse.de
+
+- Update to version 2.23.92:
+ + Fixed the handling of a 302 response to a HEAD request, which
+ should NOT be treated like a 303 response (bgo#551190).
+
+-------------------------------------------------------------------
Old:
----
libsoup-2.23.91.tar.bz2
New:
----
libsoup-2.23.92.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libsoup.spec ++++++
--- /var/tmp/diff_new_pack.u25741/_old 2008-09-12 22:11:28.000000000 +0200
+++ /var/tmp/diff_new_pack.u25741/_new 2008-09-12 22:11:28.000000000 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package libsoup (Version 2.23.91)
+# spec file for package libsoup (Version 2.23.92)
#
# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -19,14 +19,17 @@
Name: libsoup
-BuildRequires: glib2-devel gnutls-devel gtk-doc libxml2-devel
+BuildRequires: glib2-devel
+BuildRequires: gnutls-devel
+BuildRequires: gtk-doc
+BuildRequires: libxml2-devel
# We do not need these dependencies needed only for tests.
#BuildRequires: apache2-mod_php5 php5-xmlrpc
License: LGPL v2.1 or later
Group: Development/Libraries/GNOME
AutoReqProv: on
Summary: Simple Object Access Protocol (SOAP)
-Version: 2.23.91
+Version: 2.23.92
Release: 1
Source: ftp://ftp.gnome.org/pub/GNOME/stable/sources/libsoup/2.2/%{name}-%{version}.tar.bz2
# PATCH-FEATURE-UPSTREAM libsoup-334021-client-ssl-certs.patch bgo334021 -- client SSL certificate support
@@ -183,6 +186,10 @@
%{_datadir}/gtk-doc/html/libsoup-2.4
%changelog
+* Fri Sep 12 2008 maw@suse.de
+- Update to version 2.23.92:
+ + Fixed the handling of a 302 response to a HEAD request, which
+ should NOT be treated like a 303 response (bgo#551190).
* Tue Sep 02 2008 mboman@novell.com
- Update to version 2.23.91:
+ Fixed a crash in gvfs [bgo#528882]
++++++ libsoup-2.23.91.tar.bz2 -> libsoup-2.23.92.tar.bz2 ++++++
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libsoup-2.23.91/ChangeLog new/libsoup-2.23.92/ChangeLog
--- old/libsoup-2.23.91/ChangeLog 2008-09-01 23:42:10.000000000 +0200
+++ new/libsoup-2.23.92/ChangeLog 2008-09-08 21:51:11.000000000 +0200
@@ -1,3 +1,17 @@
+2008-09-08 Dan Winship
+
+ * configure.in: 2.23.92
+
+ * NEWS: update
+
+2008-09-07 Dan Winship
+
+ * libsoup/soup-session.c (redirect_handler): a 302 response to
+ HEAD (or any other safe method) should be treated like a 307, not
+ a 303. #551190, Jonathan Matthew.
+
+ * tests/redirect-test.c: test that
+
2008-09-01 Dan Winship
* configure.in: 2.23.91
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libsoup-2.23.91/configure new/libsoup-2.23.92/configure
--- old/libsoup-2.23.91/configure 2008-09-01 23:42:27.000000000 +0200
+++ new/libsoup-2.23.92/configure 2008-09-08 21:51:26.000000000 +0200
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.61 for libsoup 2.23.91.
+# Generated by GNU Autoconf 2.61 for libsoup 2.23.92.
#
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
# 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
@@ -726,8 +726,8 @@
# Identity of this package.
PACKAGE_NAME='libsoup'
PACKAGE_TARNAME='libsoup'
-PACKAGE_VERSION='2.23.91'
-PACKAGE_STRING='libsoup 2.23.91'
+PACKAGE_VERSION='2.23.92'
+PACKAGE_STRING='libsoup 2.23.92'
PACKAGE_BUGREPORT=''
ac_unique_file="libsoup.pc.in"
@@ -1443,7 +1443,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures libsoup 2.23.91 to adapt to many kinds of systems.
+\`configure' configures libsoup 2.23.92 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1513,7 +1513,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of libsoup 2.23.91:";;
+ short | recursive ) echo "Configuration of libsoup 2.23.92:";;
esac
cat <<\_ACEOF
@@ -1633,7 +1633,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-libsoup configure 2.23.91
+libsoup configure 2.23.92
generated by GNU Autoconf 2.61
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@@ -1647,7 +1647,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by libsoup $as_me 2.23.91, which was
+It was created by libsoup $as_me 2.23.92, which was
generated by GNU Autoconf 2.61. Invocation command line was
$ $0 $@
@@ -2338,7 +2338,7 @@
# Define the identity of the package.
PACKAGE=libsoup
- VERSION=2.23.91
+ VERSION=2.23.92
cat >>confdefs.h <<_ACEOF
@@ -23332,7 +23332,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by libsoup $as_me 2.23.91, which was
+This file was extended by libsoup $as_me 2.23.92, which was
generated by GNU Autoconf 2.61. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -23385,7 +23385,7 @@
_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-libsoup config.status 2.23.91
+libsoup config.status 2.23.92
configured by $0, generated by GNU Autoconf 2.61,
with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libsoup-2.23.91/configure.in new/libsoup-2.23.92/configure.in
--- old/libsoup-2.23.91/configure.in 2008-09-01 23:41:59.000000000 +0200
+++ new/libsoup-2.23.92/configure.in 2008-09-08 21:51:08.000000000 +0200
@@ -3,7 +3,7 @@
dnl *******************************************
AC_PREREQ(2.53)
-AC_INIT(libsoup, 2.23.91)
+AC_INIT(libsoup, 2.23.92)
AC_CONFIG_SRCDIR(libsoup.pc.in)
AM_INIT_AUTOMAKE(AC_PACKAGE_NAME, AC_PACKAGE_VERSION)
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libsoup-2.23.91/libsoup/soup-session.c new/libsoup-2.23.92/libsoup/soup-session.c
--- old/libsoup-2.23.91/libsoup/soup-session.c 2008-08-25 15:38:38.000000000 +0200
+++ new/libsoup-2.23.92/libsoup/soup-session.c 2008-09-07 19:38:21.000000000 +0200
@@ -762,6 +762,11 @@
g_signal_emit (session, signals[AUTHENTICATE], 0, msg, auth, retrying);
}
+#define SOUP_METHOD_IS_SAFE(method) (method == SOUP_METHOD_GET || \
+ method == SOUP_METHOD_HEAD || \
+ method == SOUP_METHOD_OPTIONS || \
+ method == SOUP_METHOD_PROPFIND)
+
static void
redirect_handler (SoupMessage *msg, gpointer user_data)
{
@@ -772,16 +777,9 @@
new_loc = soup_message_headers_get (msg->response_headers, "Location");
g_return_if_fail (new_loc != NULL);
- if (msg->status_code == SOUP_STATUS_MOVED_PERMANENTLY ||
- msg->status_code == SOUP_STATUS_TEMPORARY_REDIRECT) {
- /* Don't redirect non-safe methods */
- if (msg->method != SOUP_METHOD_GET &&
- msg->method != SOUP_METHOD_HEAD &&
- msg->method != SOUP_METHOD_OPTIONS &&
- msg->method != SOUP_METHOD_PROPFIND)
- return;
- } else if (msg->status_code == SOUP_STATUS_SEE_OTHER ||
- msg->status_code == SOUP_STATUS_FOUND) {
+ if (msg->status_code == SOUP_STATUS_SEE_OTHER ||
+ (msg->status_code == SOUP_STATUS_FOUND &&
+ !SOUP_METHOD_IS_SAFE (msg->method))) {
/* Redirect using a GET */
g_object_set (msg,
SOUP_MESSAGE_METHOD, SOUP_METHOD_GET,
@@ -790,6 +788,12 @@
SOUP_MEMORY_STATIC, NULL, 0);
soup_message_headers_set_encoding (msg->request_headers,
SOUP_ENCODING_NONE);
+ } else if (msg->status_code == SOUP_STATUS_MOVED_PERMANENTLY ||
+ msg->status_code == SOUP_STATUS_TEMPORARY_REDIRECT ||
+ msg->status_code == SOUP_STATUS_FOUND) {
+ /* Don't redirect non-safe methods */
+ if (!SOUP_METHOD_IS_SAFE (msg->method))
+ return;
} else {
/* Three possibilities:
*
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libsoup-2.23.91/NEWS new/libsoup-2.23.92/NEWS
--- old/libsoup-2.23.91/NEWS 2008-09-01 23:14:16.000000000 +0200
+++ new/libsoup-2.23.92/NEWS 2008-09-08 21:50:33.000000000 +0200
@@ -1,3 +1,9 @@
+Changes in libsoup from 2.23.91 to 2.23.92:
+
+ * Fixed the handling of a 302 response to a HEAD request,
+ which should NOT be treated like a 303 response. [#551190,
+ Jonathan Matthew]
+
Changes in libsoup from 2.23.6 to 2.23.91:
* Fixed a crash in gvfs [#528882], though there is still an
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libsoup-2.23.91/tests/redirect-test.c new/libsoup-2.23.92/tests/redirect-test.c
--- old/libsoup-2.23.91/tests/redirect-test.c 2008-04-05 15:56:15.000000000 +0200
+++ new/libsoup-2.23.92/tests/redirect-test.c 2008-09-07 19:37:46.000000000 +0200
@@ -23,7 +23,7 @@
static struct {
TestRequest requests[3];
} tests[] = {
- /* A redirecty response to a GET should cause a redirect */
+ /* A redirecty response to a GET or HEAD should cause a redirect */
{ { { "GET", "/301", 301 },
{ "GET", "/", 200 },
@@ -37,8 +37,20 @@
{ { { "GET", "/307", 307 },
{ "GET", "/", 200 },
{ NULL } } },
+ { { { "HEAD", "/301", 301 },
+ { "HEAD", "/", 200 },
+ { NULL } } },
+ { { { "HEAD", "/302", 302 },
+ { "HEAD", "/", 200 },
+ { NULL } } },
+ /* 303 is a nonsensical response to HEAD, so we don't care
+ * what happens there.
+ */
+ { { { "HEAD", "/307", 307 },
+ { "HEAD", "/", 200 },
+ { NULL } } },
- /* A non-redirecty response to a GET should not */
+ /* A non-redirecty response to a GET or HEAD should not */
{ { { "GET", "/300", 300 },
{ NULL } } },
@@ -50,12 +62,25 @@
{ NULL } } },
{ { { "GET", "/308", 308 },
{ NULL } } },
+ { { { "HEAD", "/300", 300 },
+ { NULL } } },
+ { { { "HEAD", "/304", 304 },
+ { NULL } } },
+ { { { "HEAD", "/305", 305 },
+ { NULL } } },
+ { { { "HEAD", "/306", 306 },
+ { NULL } } },
+ { { { "HEAD", "/308", 308 },
+ { NULL } } },
/* Test double-redirect */
{ { { "GET", "/301/302", 301 },
{ "GET", "/302", 302 },
{ "GET", "/", 200 } } },
+ { { { "HEAD", "/301/302", 301 },
+ { "HEAD", "/302", 302 },
+ { "HEAD", "/", 200 } } },
/* POST should only automatically redirect on 302 and 303 */
@@ -184,7 +209,8 @@
guint status_code;
if (!strcmp (path, "/")) {
- if (msg->method != SOUP_METHOD_GET) {
+ if (msg->method != SOUP_METHOD_GET &&
+ msg->method != SOUP_METHOD_HEAD) {
soup_message_set_status (msg, SOUP_STATUS_METHOD_NOT_ALLOWED);
return;
}
@@ -204,9 +230,17 @@
}
soup_message_set_status (msg, SOUP_STATUS_OK);
- soup_message_set_response (msg, "text/plain",
- SOUP_MEMORY_STATIC,
- "OK\r\n", 4);
+
+ /* FIXME: this is wrong, though it doesn't matter for
+ * the purposes of this test, and to do the right
+ * thing currently we'd have to set Content-Length by
+ * hand.
+ */
+ if (msg->method != SOUP_METHOD_HEAD) {
+ soup_message_set_response (msg, "text/plain",
+ SOUP_MEMORY_STATIC,
+ "OK\r\n", 4);
+ }
return;
}
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org