Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package sscep for openSUSE:Factory checked in at 2021-08-23 10:08:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/sscep (Old) and /work/SRC/openSUSE:Factory/.sscep.new.1899 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "sscep" Mon Aug 23 10:08:25 2021 rev:5 rq:913596 version:0.9.1 Changes: -------- --- /work/SRC/openSUSE:Factory/sscep/sscep.changes 2021-02-15 23:17:32.651507277 +0100 +++ /work/SRC/openSUSE:Factory/.sscep.new.1899/sscep.changes 2021-08-23 10:09:51.208128596 +0200 @@ -1,0 +2,7 @@ +Thu Aug 19 18:58:26 UTC 2021 - Martin Hauke <mar...@gmx.de> + +- Update to version 0.9.1 + * Fixed missing Host header. + * Fixed multiple numeric overflows. + +------------------------------------------------------------------- Old: ---- sscep-0.9.0.tar.gz New: ---- sscep-0.9.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sscep.spec ++++++ --- /var/tmp/diff_new_pack.NVuowT/_old 2021-08-23 10:09:51.680128046 +0200 +++ /var/tmp/diff_new_pack.NVuowT/_new 2021-08-23 10:09:51.680128046 +0200 @@ -18,7 +18,7 @@ Name: sscep -Version: 0.9.0 +Version: 0.9.1 Release: 0 Summary: A command line client for the SCEP protocol License: BSD-3-Clause-Attribution AND OpenSSL ++++++ sscep-0.9.0.tar.gz -> sscep-0.9.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sscep-0.9.0/ChangeLog new/sscep-0.9.1/ChangeLog --- old/sscep-0.9.0/ChangeLog 2021-02-08 11:01:24.000000000 +0100 +++ new/sscep-0.9.1/ChangeLog 2021-07-30 23:56:52.000000000 +0200 @@ -1,6 +1,10 @@ SSCEP Release history ======================================== +v0.9.1 (2021-07-31) +* Fixed missing Host header (@papperlapapp) +* Fixed multiple numeric overflows (@ziemleszcz) + v0.9.0 (2021-02-08) * Added -E options for aes128, aes192 and aes256. Per RFC8894, plain aes is equal to aes128. (Before 0.9.0 it was aes256.) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sscep-0.9.0/VERSION new/sscep-0.9.1/VERSION --- old/sscep-0.9.0/VERSION 2021-02-08 11:01:24.000000000 +0100 +++ new/sscep-0.9.1/VERSION 2021-07-30 23:56:52.000000000 +0200 
@@ -1 +1 @@ -0.9.0 +0.9.1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sscep-0.9.0/configure.ac new/sscep-0.9.1/configure.ac --- old/sscep-0.9.0/configure.ac 2021-02-08 11:01:24.000000000 +0100 +++ new/sscep-0.9.1/configure.ac 2021-07-30 23:56:52.000000000 +0200 @@ -2,7 +2,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ([2.69]) -AC_INIT([sscep],[0.9.0],[certna...@github.com]) +AC_INIT([sscep],[0.9.1],[certna...@github.com]) AC_CONFIG_AUX_DIR([build-aux]) AM_INIT_AUTOMAKE([foreign subdir-objects dist-bzip2]) m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sscep-0.9.0/scripts/sscep.spec new/sscep-0.9.1/scripts/sscep.spec --- old/sscep-0.9.0/scripts/sscep.spec 2021-02-08 11:01:24.000000000 +0100 +++ new/sscep-0.9.1/scripts/sscep.spec 2021-07-30 23:56:52.000000000 +0200 @@ -4,7 +4,7 @@ # Name: sscep -Version: 0.9.0 +Version: 0.9.1 Release: 1 Summary: Simple SCEP client License: BSD diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sscep-0.9.0/src/configuration.c new/sscep-0.9.1/src/configuration.c --- old/sscep-0.9.0/src/configuration.c 2021-02-08 11:01:24.000000000 +0100 +++ new/sscep-0.9.1/src/configuration.c 2021-07-30 23:56:52.000000000 +0200 
@@ -545,7 +545,7 @@ printf("Option: %s, Flag: %i, Value: %s\n", names[i], flags[i], chars[i]); } } else { - fprintf(stderr, "Length of Arrays does not match! Flags: %li, Chars: %li, Names: %li\n", + fprintf(stderr, "Length of Arrays does not match! Flags: %zu, Chars: %zu, Names: %zu\n", sizeof(flags)/sizeof(int), sizeof(chars)/sizeof(char *), sizeof(names)/sizeof(char *) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sscep-0.9.0/src/net.c new/sscep-0.9.1/src/net.c --- old/sscep-0.9.0/src/net.c 2021-02-08 11:01:24.000000000 +0100 +++ new/sscep-0.9.1/src/net.c 2021-07-30 23:56:52.000000000 +0200 @@ -29,7 +29,7 @@ #endif char *url_encode(char *, size_t); -void exit_string_overflow(size_t); +void exit_string_overflow(int); int send_msg(struct http_reply *http, int do_post, char *scep_operation, 
@@ -61,44 +61,52 @@ rlen = snprintf(http_string, sizeof(http_string), "%s %s%s?operation=%s", do_post ? "POST" : "GET", p_flag ? "" : "/", dir_name, scep_operation); - exit_string_overflow(sizeof(http_string)-rlen); + exit_string_overflow(sizeof(http_string) <= rlen); if (!do_post && payload_len > 0) { char *encoded = url_encode((char *)payload, payload_len); rlen += snprintf(http_string+rlen, sizeof(http_string)-rlen, "&message=%s", encoded); free(encoded); - exit_string_overflow(sizeof(http_string)-rlen); + exit_string_overflow(sizeof(http_string) <= rlen); } if (M_char != NULL) { rlen += snprintf(http_string+rlen, sizeof(http_string)-rlen, "&%s", M_char); - exit_string_overflow(sizeof(http_string)-rlen); + exit_string_overflow(sizeof(http_string) <= rlen); } - rlen += snprintf(http_string+rlen, sizeof(http_string)-rlen, - " HTTP/1.1\r\n" - "Host: %s\r\n" - "Connection: close\r\n", host_name); - exit_string_overflow(sizeof(http_string)-rlen); + if (host_port == 80) { + rlen += snprintf(http_string+rlen, sizeof(http_string)-rlen, + " HTTP/1.1\r\n" + "Host: %s\r\n" + "Connection: close\r\n", host_name); + } else { + /* According to RFC2616, non-default port must be added. 
*/ + rlen += snprintf(http_string+rlen, sizeof(http_string)-rlen, + " HTTP/1.1\r\n" + "Host: %s:%d\r\n" + "Connection: close\r\n", host_name, host_port); + } + exit_string_overflow(sizeof(http_string) <= rlen); if (do_post) { rlen += snprintf(http_string+rlen, sizeof(http_string)-rlen, - "Content-Length: %zd\r\n", payload_len); - exit_string_overflow(sizeof(http_string)-rlen); + "Content-Length: %zu\r\n", payload_len); + exit_string_overflow(sizeof(http_string) <= rlen); } rlen += snprintf(http_string+rlen, sizeof(http_string)-rlen, "\r\n"); - exit_string_overflow(sizeof(http_string)-rlen); + exit_string_overflow(sizeof(http_string) <= rlen); if (do_post) { /* concat post data */ memcpy(http_string+rlen, payload, payload_len); rlen += payload_len; - exit_string_overflow(sizeof(http_string)-rlen); + exit_string_overflow(sizeof(http_string) <= rlen); } if (d_flag){ @@ -166,13 +174,14 @@ } headers_num = sizeof(headers) / sizeof(headers[0]); - header_size = phr_parse_response(buf, used, &http_minor, &http->status, - &http_msg, &msg_size, headers, &headers_num, 0); - if (header_size < 0) { + rc = phr_parse_response(buf, used, &http_minor, &http->status, + &http_msg, &msg_size, headers, &headers_num, 0); + if (rc < 0) { fprintf(stderr,"cannot parse response\n"); close(sd); return (1); } + header_size = rc; mime_type = NULL; http_chunked = 0; @@ -202,7 +211,7 @@ if (v_flag) fprintf(stdout, "%s: server response status code: %d, MIME header: %s\n", - pname, http->status, mime_type); + pname, http->status, mime_type ? mime_type : "missing"); http->payload = buf+header_size; body_size = used-header_size; 
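Review bot: In the final `if (do_post)` block the payload is copied before its length is checked: `memcpy(http_string+rlen, payload, payload_len)` runs first and `exit_string_overflow(sizeof(http_string) <= rlen)` only afterwards, so a payload larger than the remaining space has already been written past the end of `http_string` by the time the process exits. The check belongs ahead of the copy, for example `exit_string_overflow(payload_len >= sizeof(http_string) - rlen);` placed before the `memcpy`. The subtraction cannot wrap at that point because the preceding check has already established `rlen < sizeof(http_string)`. The declarations of `rlen` and `http_string`, and the start and end of `send_msg`, are outside the hunk, so the types involved should be confirmed when applying this.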
@@ -223,16 +232,16 @@ /* Set SCEP reply type */ switch (operation) { case SCEP_OPERATION_GETCA: - if (!strcmp(mime_type, MIME_GETCA)) { + if (mime_type && !strcmp(mime_type, MIME_GETCA)) { http->type = SCEP_MIME_GETCA; - } else if (!strcmp(mime_type, MIME_GETCA_RA) || !strcmp(mime_type, MIME_GETCA_RA_ENTRUST)) { + } else if (mime_type && (!strcmp(mime_type, MIME_GETCA_RA) || !strcmp(mime_type, MIME_GETCA_RA_ENTRUST))) { http->type = SCEP_MIME_GETCA_RA; } else { goto mime_err; } break; case SCEP_OPERATION_GETNEXTCA: - if (!strcmp(mime_type, MIME_GETNEXTCA)) { + if (mime_type && !strcmp(mime_type, MIME_GETNEXTCA)) { http->type = SCEP_MIME_GETNEXTCA; } else { goto mime_err; @@ -244,10 +253,11 @@ http->type = SCEP_MIME_GETCAPS; break; default: - if (strcmp(mime_type, MIME_PKI) != 0) { + if (mime_type && !strcmp(mime_type, MIME_PKI)) { + http->type = SCEP_MIME_PKI; + } else { goto mime_err; } - http->type = SCEP_MIME_PKI; break; } @@ -265,8 +275,8 @@ return (1); } -void exit_string_overflow(size_t size) { - if (size <= 0) { +void exit_string_overflow(int overflow) { + if (overflow) { fprintf(stderr, "%s: not enough buffer space " "to construct HTTP request\n", pname); exit (SCEP_PKISTATUS_NET); @@ -291,7 +301,7 @@ #else strcpy(r, ""); #endif - + /* Copy data */ for (i = 0; i < n; i++) { switch (*(s+i)) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sscep-0.9.0/src/pkcs7.c new/sscep-0.9.1/src/pkcs7.c --- old/sscep-0.9.0/src/pkcs7.c 2021-02-08 11:01:24.000000000 +0100 +++ new/sscep-0.9.1/src/pkcs7.c 2021-07-30 23:56:52.000000000 +0200 
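Review bot: `exit_string_overflow` now takes a truth value instead of a remaining size, but neither the name nor the bare `int` parameter says so. A call site that still passes `sizeof(buf)-rlen` would compile without a diagnostic and exit whenever space remains. A one-line comment above the definition would pin the contract, for example `/* Exit with SCEP_PKISTATUS_NET when overflow is non-zero; pass a bounds comparison, not a byte count. */`. The closing lines of the function are outside the hunk.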
@@ -874,7 +874,7 @@ int get_signed_attribute(STACK_OF(X509_ATTRIBUTE) *attribs, int nid,int type, char **buffer){ int rc; ASN1_TYPE *asn1_type; - unsigned int len; + int len; /* Find attribute */ rc = get_attribute(attribs, nid, &asn1_type); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sscep-0.9.0/src/sscep.h new/sscep-0.9.1/src/sscep.h --- old/sscep-0.9.0/src/sscep.h 2021-02-08 11:01:24.000000000 +0100 +++ new/sscep-0.9.1/src/sscep.h 2021-07-30 23:56:52.000000000 +0200 @@ -66,7 +66,7 @@ #include <openssl/ssl.h> /* Global defines */ -#define VERSION "0.9.0" +#define VERSION "0.9.1" /* SCEP operations */ #define SCEP_OPERATION_GETCA 1
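Review bot: Changing `len` from `unsigned int` to `int` in `get_signed_attribute` only helps if a negative value is rejected before `len` sizes an allocation or a copy. The code that assigns and uses `len` is outside the hunk, so that cannot be confirmed from here. If no such check exists, one is needed directly after the assignment, along the lines of `if (len < 0) return (1);`, with the return value matched to the function's existing error convention.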