From: Raúl Porcel <armin76@gentoo.org>
Date: Tue, 6 Mar 2007 13:49:07 +0000 (+0000)
Subject: Revbump wrt security bug 169599
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=31b80865e16fdccb5e86da89c1b2cc51ab40ee3a;p=gentoo.git

Revbump wrt security bug 169599
Package-Manager: portage-2.1.2.1
---

diff --git a/net-im/silc-server/ChangeLog b/net-im/silc-server/ChangeLog
index e04bb0d2342f..63ae2408db86 100644
--- a/net-im/silc-server/ChangeLog
+++ b/net-im/silc-server/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for net-im/silc-server
 # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-im/silc-server/ChangeLog,v 1.16 2007/01/27 17:57:28 josejx Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-im/silc-server/ChangeLog,v 1.17 2007/03/06 13:49:06 armin76 Exp $
+
+*silc-server-1.0.2-r1 (06 Mar 2007)
+
+  06 Mar 2007; RaÃºl Porcel <armin76@gentoo.org>
+  +files/silc-server-1.0.2-join-hmac.patch, +silc-server-1.0.2-r1.ebuild:
+  Revbump wrt security bug 169599
 
   27 Jan 2007; Joseph Jezak <josejx@gentoo.org> silc-server-1.0.2.ebuild:
   Forced -fsigned-char on and marked ppc stable for bug #152916.
diff --git a/net-im/silc-server/Manifest b/net-im/silc-server/Manifest
index 6b2c8ea11459..b96e49ef5f02 100644
--- a/net-im/silc-server/Manifest
+++ b/net-im/silc-server/Manifest
@@ -1,23 +1,28 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
-
 AUX 1.0-fPIC.patch 296 RMD160 bbc913dd15e279f416fc1a29b939fad0bb1963f0 SHA1 8caaa59a66a623a366d7ac130fe9af8db8478c73 SHA256 ee4fdddb8e3d6844bb00e7cda82986b421377ce34e3a02404000a4d6658ce227
 MD5 1d2c979312a0f446a2c84f2b3a98f76b files/1.0-fPIC.patch 296
 RMD160 bbc913dd15e279f416fc1a29b939fad0bb1963f0 files/1.0-fPIC.patch 296
 SHA256 ee4fdddb8e3d6844bb00e7cda82986b421377ce34e3a02404000a4d6658ce227 files/1.0-fPIC.patch 296
+AUX silc-server-1.0.2-join-hmac.patch 2882 RMD160 f868b3261258a57e8482dd29a41369bdb06dddcf SHA1 a8a39fceafc1b44f21c64efd2436c9fbd3a84ac3 SHA256 c6168d64d05b7790f7186712032ae3942b5683561be50f384f215fdd93fdf670
+MD5 fd65a37d902b51254f56a5516c5c2926 files/silc-server-1.0.2-join-hmac.patch 2882
+RMD160 f868b3261258a57e8482dd29a41369bdb06dddcf files/silc-server-1.0.2-join-hmac.patch 2882
+SHA256 c6168d64d05b7790f7186712032ae3942b5683561be50f384f215fdd93fdf670 files/silc-server-1.0.2-join-hmac.patch 2882
 AUX silcd.initd 518 RMD160 e096f18aa2eb4a343b812c7fa1a2056569cb979f SHA1 be323a68e49bd34088d9e8ebc88adfb73a098c2d SHA256 78034e113d777f70e0b01734061fc2bde1c9b07f7af99ce5e4421f6f66924bf1
 MD5 9d081afe7e71fe29d44ec320e468afe6 files/silcd.initd 518
 RMD160 e096f18aa2eb4a343b812c7fa1a2056569cb979f files/silcd.initd 518
 SHA256 78034e113d777f70e0b01734061fc2bde1c9b07f7af99ce5e4421f6f66924bf1 files/silcd.initd 518
 DIST silc-server-1.0.2.tar.bz2 890357 RMD160 9108b64761e01f7e3877f6c9a207ae45046cab21 SHA1 7bce4e065ebb79e69b82a5e6b96e36427290b581 SHA256 37812c18a7221fe4ff87ef31a28ba9de97a3b722d7507c14ed0552cee20559b3
+EBUILD silc-server-1.0.2-r1.ebuild 1937 RMD160 3d356421ad4cad19f516353173195e52d3a6a195 SHA1 08d1f7a917fb818a1c1ad4761937539df6733cca SHA256 308159520afb5dd476ecae97f7b0165b1c4d659585f2c4a7913246351cc15b4f
+MD5 40027ea688965a6178e63c4b655d65ae silc-server-1.0.2-r1.ebuild 1937
+RMD160 3d356421ad4cad19f516353173195e52d3a6a195 silc-server-1.0.2-r1.ebuild 1937
+SHA256 308159520afb5dd476ecae97f7b0165b1c4d659585f2c4a7913246351cc15b4f silc-server-1.0.2-r1.ebuild 1937
 EBUILD silc-server-1.0.2.ebuild 1862 RMD160 743b0905b24b25cb7bb74add69ad398aad82ace1 SHA1 baef4d3a3ef91540cefab4e5c02fdeb5edd61402 SHA256 ee6bb4e617dbdcb0e2df24e5fb9dfc12b71d78572a60f807980c1110466bfa8d
 MD5 fac7cc5ad251d555f5a86b580f84f701 silc-server-1.0.2.ebuild 1862
 RMD160 743b0905b24b25cb7bb74add69ad398aad82ace1 silc-server-1.0.2.ebuild 1862
 SHA256 ee6bb4e617dbdcb0e2df24e5fb9dfc12b71d78572a60f807980c1110466bfa8d silc-server-1.0.2.ebuild 1862
-MISC ChangeLog 2839 RMD160 bacc57a6a56dd05a5fac10c1478b042194c864ac SHA1 fc2693bbc86ad8c5bd1869ef6da46b4a1c0b3462 SHA256 2f44e442f45a7fe95718fb28d4a7c778dcf36ae5158154fdbef2e88c462b4f94
-MD5 5b374c8e6c043d7ee175ce40cafb7565 ChangeLog 2839
-RMD160 bacc57a6a56dd05a5fac10c1478b042194c864ac ChangeLog 2839
-SHA256 2f44e442f45a7fe95718fb28d4a7c778dcf36ae5158154fdbef2e88c462b4f94 ChangeLog 2839
+MISC ChangeLog 3035 RMD160 33abea7464f973db81551e17b566e4ff2d584c41 SHA1 4c2d52263a3dd6ee8ced3b22af43a79ee121ebac SHA256 1ed5d6addf535cdb921f6cdccd37f4c55ace65d3fc3cb15e738faf930dcf4657
+MD5 8a21fd38e527966f6d43cf0ea13b18b9 ChangeLog 3035
+RMD160 33abea7464f973db81551e17b566e4ff2d584c41 ChangeLog 3035
+SHA256 1ed5d6addf535cdb921f6cdccd37f4c55ace65d3fc3cb15e738faf930dcf4657 ChangeLog 3035
 MISC metadata.xml 160 RMD160 279429d1df694561fc2b163cb81c09387b9d940c SHA1 97da1b72eecc5585c65717da08eaccc9bc1cf7cd SHA256 5e058419199e306612929b80a996e3d16c6b20de674a56bb60558d3d36524fe2
 MD5 44c39c6ad372a8e5a5e7ee3311f703a7 metadata.xml 160
 RMD160 279429d1df694561fc2b163cb81c09387b9d940c metadata.xml 160
@@ -25,10 +30,6 @@ SHA256 5e058419199e306612929b80a996e3d16c6b20de674a56bb60558d3d36524fe2 metadata
 MD5 b3744ecf006f5ccb029a75cc7e3b5910 files/digest-silc-server-1.0.2 256
 RMD160 84fe2e50666e2b30fa19f705549839f7e026740b files/digest-silc-server-1.0.2 256
 SHA256 11f649318385baed274c68df280b5f1f1d4571277953d49371dd1bd22f5b1ad5 files/digest-silc-server-1.0.2 256
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.1 (GNU/Linux)
-
-iD8DBQFFu5HycsIHjyDViGQRAquEAKCl74BMubgLu3lhwaOY8GKXByhCuQCdF1y/
-aO/2FD8352sVs/c9dwMQPJY=
-=qLFP
------END PGP SIGNATURE-----
+MD5 b3744ecf006f5ccb029a75cc7e3b5910 files/digest-silc-server-1.0.2-r1 256
+RMD160 84fe2e50666e2b30fa19f705549839f7e026740b files/digest-silc-server-1.0.2-r1 256
+SHA256 11f649318385baed274c68df280b5f1f1d4571277953d49371dd1bd22f5b1ad5 files/digest-silc-server-1.0.2-r1 256
diff --git a/net-im/silc-server/files/digest-silc-server-1.0.2-r1 b/net-im/silc-server/files/digest-silc-server-1.0.2-r1
new file mode 100644
index 000000000000..34466545eb0e
--- /dev/null
+++ b/net-im/silc-server/files/digest-silc-server-1.0.2-r1
@@ -0,0 +1,3 @@
+MD5 a55b86783cc6b502e80fcbe73e698329 silc-server-1.0.2.tar.bz2 890357
+RMD160 9108b64761e01f7e3877f6c9a207ae45046cab21 silc-server-1.0.2.tar.bz2 890357
+SHA256 37812c18a7221fe4ff87ef31a28ba9de97a3b722d7507c14ed0552cee20559b3 silc-server-1.0.2.tar.bz2 890357
diff --git a/net-im/silc-server/files/silc-server-1.0.2-join-hmac.patch b/net-im/silc-server/files/silc-server-1.0.2-join-hmac.patch
new file mode 100644
index 000000000000..b5e6061c1590
--- /dev/null
+++ b/net-im/silc-server/files/silc-server-1.0.2-join-hmac.patch
@@ -0,0 +1,84 @@
+diff -ur silc-server-1.0.2.orig/apps/silcd/command.c silc-server-1.0.2/apps/silcd/command.c
+--- silc-server-1.0.2.orig/apps/silcd/command.c	2007-03-06 11:21:40.000000000 +0100
++++ silc-server-1.0.2/apps/silcd/command.c	2007-03-06 13:33:28.000000000 +0100
+@@ -2441,10 +2441,22 @@
+ 	  channel = silc_server_create_new_channel(server, server->id, cipher,
+ 						   hmac, channel_name, TRUE);
+ 	  if (!channel) {
+-	    silc_server_command_send_status_data(
+-				  cmd, SILC_COMMAND_JOIN,
+-				  SILC_STATUS_ERR_UNKNOWN_ALGORITHM,
+-				  0, 2, cipher, strlen(cipher));
++	    if (cipher) {
++		silc_server_command_send_status_data(
++				      cmd, SILC_COMMAND_JOIN,
++				      SILC_STATUS_ERR_UNKNOWN_ALGORITHM,
++				      0, 2, cipher, strlen(cipher));
++	    } else if (hmac) {
++		silc_server_command_send_status_data(
++				      cmd, SILC_COMMAND_JOIN,
++				      SILC_STATUS_ERR_UNKNOWN_ALGORITHM,
++				      0, 2, hmac, strlen(hmac));
++	    } else {
++		silc_server_command_send_status_reply(
++				      cmd, SILC_COMMAND_JOIN,
++				      SILC_STATUS_ERR_RESOURCE_LIMIT,
++				      0);
++	    }
+ 	    silc_free(client_id);
+ 	    goto out;
+ 	  }
+@@ -2505,10 +2517,22 @@
+ 	  channel = silc_server_create_new_channel(server, server->id, cipher,
+ 						   hmac, channel_name, TRUE);
+ 	  if (!channel) {
+-	    silc_server_command_send_status_data(
+-				       cmd, SILC_COMMAND_JOIN,
+-				       SILC_STATUS_ERR_UNKNOWN_ALGORITHM, 0,
+-				       2, cipher, strlen(cipher));
++	    if (cipher) {
++		silc_server_command_send_status_data(
++				      cmd, SILC_COMMAND_JOIN,
++				      SILC_STATUS_ERR_UNKNOWN_ALGORITHM,
++				      0, 2, cipher, strlen(cipher));
++	    } else if (hmac) {
++		silc_server_command_send_status_data(
++				      cmd, SILC_COMMAND_JOIN,
++				      SILC_STATUS_ERR_UNKNOWN_ALGORITHM,
++				      0, 2, hmac, strlen(hmac));
++	    } else {
++		silc_server_command_send_status_reply(
++				      cmd, SILC_COMMAND_JOIN,
++				      SILC_STATUS_ERR_RESOURCE_LIMIT,
++				      0);
++	    }
+ 	    silc_free(client_id);
+ 	    goto out;
+ 	  }
+@@ -2541,10 +2565,22 @@
+ 	channel = silc_server_create_new_channel(server, server->id, cipher,
+ 						 hmac, channel_name, TRUE);
+ 	if (!channel) {
+-	  silc_server_command_send_status_data(
+-				       cmd, SILC_COMMAND_JOIN,
+-				       SILC_STATUS_ERR_UNKNOWN_ALGORITHM, 0,
+-				       2, cipher, strlen(cipher));
++	  if (cipher) {
++	      silc_server_command_send_status_data(
++				cmd, SILC_COMMAND_JOIN,
++				SILC_STATUS_ERR_UNKNOWN_ALGORITHM,
++				0, 2, cipher, strlen(cipher));
++	  } else if (hmac) {
++	      silc_server_command_send_status_data(
++				cmd, SILC_COMMAND_JOIN,
++				SILC_STATUS_ERR_UNKNOWN_ALGORITHM,
++				0, 2, hmac, strlen(hmac));
++	  } else {
++	      silc_server_command_send_status_reply(
++				cmd, SILC_COMMAND_JOIN,
++				SILC_STATUS_ERR_RESOURCE_LIMIT,
++				0);
++	  }
+ 	  silc_free(client_id);
+ 	  goto out;
+ 	}
diff --git a/net-im/silc-server/silc-server-1.0.2-r1.ebuild b/net-im/silc-server/silc-server-1.0.2-r1.ebuild
new file mode 100644
index 000000000000..7e4d52e3a4d3
--- /dev/null
+++ b/net-im/silc-server/silc-server-1.0.2-r1.ebuild
@@ -0,0 +1,82 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-im/silc-server/silc-server-1.0.2-r1.ebuild,v 1.1 2007/03/06 13:49:06 armin76 Exp $
+
+inherit eutils autotools flag-o-matic
+
+DESCRIPTION="Server for Secure Internet Live Conferencing"
+SRC_URI="http://www.silcnet.org/download/server/sources/${P}.tar.bz2"
+HOMEPAGE="http://silcnet.org/"
+
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~ppc ~sparc ~x86"
+IUSE="ipv6 debug"
+
+RDEPEND="!<=net-im/silc-toolkit-0.9.12-r1
+	!<=net-im/silc-client-1.0.1"
+DEPEND="${RDEPEND}
+	=sys-devel/automake-1.9*"
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+
+	epatch "${FILESDIR}"/1.0-fPIC.patch
+
+	# DoS vuln, bug 169599
+	epatch "${FILESDIR}"/${P}-join-hmac.patch
+
+	eautoreconf
+}
+
+src_compile() {
+	### Append -fsigned-char for platforms without this as default
+	### Fixes runtime conf parsing bug on ppc
+	append-flags -fsigned-char
+
+	econf \
+		--sysconfdir=/etc/silc \
+		--with-docdir=/usr/share/doc/${PF} \
+		--with-helpdir=/usr/share/${PN}/help \
+		--with-logsdir=/var/log/${PN} \
+		--with-mandir=/usr/share/man \
+		--with-silcd-pid-file=/var/run/silcd.pid \
+		--with-simdir=/usr/$(get_libdir)/${PN} \
+		--without-silc-libs \
+		$(use_enable ipv6) \
+		$(use_enable debug) \
+		|| die "econf failed"
+	emake -j1 || die "emake failed"
+}
+
+src_install() {
+	make DESTDIR="${D}" install || die "make install failed"
+
+	insinto /usr/share/doc/${PF}/examples
+	doins doc/examples/*.conf
+
+	fperms 600 /etc/silc
+	keepdir /var/log/${PN}
+
+	rm -rf \
+		"${D}"/usr/libsilc* \
+		"${D}"/usr/include \
+		"${D}"/etc/silc/silcd.{pub,prv}
+
+	newinitd "${FILESDIR}/silcd.initd" silcd
+
+	sed -i \
+		-e 's:10.2.1.6:0.0.0.0:' \
+		-e 's:User = "nobody";:User = "silcd";:' \
+		"${D}"/etc/silc/silcd.conf
+}
+
+pkg_postinst() {
+	enewuser silcd
+
+	if [ ! -f "${ROOT}"/etc/silc/silcd.prv ] ; then
+		einfo "Creating key pair in /etc/silc"
+		silcd -C "${ROOT}"/etc/silc
+	fi
+}