Changes - j0ke.net Open Build Service

Changes of Revision 3

[-] [+]	Changed	csync2.changes
@@ -1,4 +1,9 @@ ------------------------------------------------------------------- +Fri Apr 1 14:17:49 UTC 2016 - cs@linux-administrator.com + +- update to git snapshot 20160401 + +------------------------------------------------------------------- Tue Feb 7 15:51:35 UTC 2012 - cs@linux-administrator.com - update to git snapshot 20120207
[-] [+]	Changed	csync2.spec ^
@@ -23,7 +23,7 @@ # norootforbuild # neededforbuild librsync openssl openssl-devel glibc-devel libgcc gcc gcc-c++ bison flex %define sqliteversion 2.8.17 -%define gitversion git20120207 +%define gitversion git20160401 BuildRequires: -post-build-checks BuildRequires: sqlite-devel sqlite librsync openssl-devel glibc-devel libgcc gcc gcc-c++ bison flex gnutls >= 2.6 gnutls-devel >= 2.6 file BuildRequires: autoconf automake libtool pkgconfig @@ -51,8 +51,7 @@ Source5: csync2.cron #Patch0: csync2-SQL-TRUE.patch #Patch1: csync2-GNUTLS.patch -Patch2: csync2-debug.patch -Patch3: rsync-default-strong-len.patch +#Patch2: csync2-debug.patch URL: http://oss.linbit.com/csync2 BuildRoot: %{_tmppath}/%{name}-%{version}-build Summary: Cluster sync tool @@ -73,8 +72,7 @@ %setup -n %{name} #patch0 #patch1 -%patch2 -%patch3 +#patch2 tar -C $RPM_BUILD_DIR -xjf %{S:1} %{?suse_update_config:%{suse_update_config}}
[-] [+]	Changed	rsync-default-strong-len.patch ^
@@ -1,32 +1,24 @@ ---- rsync.c.orig 2016-04-01 14:40:50.368258190 +0200 -+++ rsync.c 2016-04-01 14:43:11.160366063 +0200 -@@ -318,8 +318,13 @@ +X-Git-Url: http://git.linbit.com/csync2.git/blobdiff_plain/cf835a7aeea46ea0b0a01c3db7deb226dbc6a811..8f8c88922298ce1e2fef1b8acff12e3acdfb06b5:/rsync.c + +diff --git a/rsync.c b/rsync.c +index 52fc389..28038eb 100644 +--- a/rsync.c ++++ b/rsync.c +@@ -461,7 +461,17 @@ int csync_rs_sigfile(const char filename, FILE sig_file_out) + goto out; - if ( isreg ) { - csync_debug(3, "Running rs_sig_file() from librsync....\n"); -- result = rs_sig_file(basis_file, sig_file, -- RS_DEFAULT_BLOCK_LEN, RS_DEFAULT_STRONG_LEN, &stats); -+ #ifdef RS_DEFAULT_STRONG_LEN -+ result = rs_sig_file(basis_file, sig_file, -+ RS_DEFAULT_BLOCK_LEN, RS_DEFAULT_STRONG_LEN, &stats); -+ #else -+ result = rs_sig_file(basis_file, sig_file, -+ RS_DEFAULT_BLOCK_LEN, RS_MD4_SIG_MAGIC, &stats); -+ #endif - if (result != RS_DONE) { - csync_debug(0, "Internal error from rsync library!\n"); - goto error; -@@ -405,8 +410,13 @@ - if ( !basis_file ) basis_file = fopen("/dev/null", "rb"); - - csync_debug(3, "Running rs_sig_file() from librsync..\n"); -+ #ifdef RS_DEFAULT_STRONG_LEN - result = rs_sig_file(basis_file, sig_file, - RS_DEFAULT_BLOCK_LEN, RS_DEFAULT_STRONG_LEN, &stats); -+ #else -+ result = rs_sig_file(basis_file, sig_file, -+ RS_DEFAULT_BLOCK_LEN, RS_MD4_SIG_MAGIC, &stats); -+ #endif + csync_debug(3, "Running rs_sig_file() from librsync....\n"); ++/ see upstream ++ * https://github.com/librsync/librsync/commit/152323729ac831727032daf50a10c1448b48f252 ++ * as reaction to SECURITY: CVE-2014-8242 ++ / ++#ifdef RS_DEFAULT_STRONG_LEN + result = rs_sig_file(basis_file, sig_file, RS_DEFAULT_BLOCK_LEN, RS_DEFAULT_STRONG_LEN, &stats); ++#else ++ / For backward compatibility, for now hardcode RS_MD4_SIG_MAGIC. ++ * TODO: allow changing to RS_BLAKE2_SIG_MAGIC. / ++ result = rs_sig_file(basis_file, sig_file, RS_DEFAULT_BLOCK_LEN, 0, RS_MD4_SIG_MAGIC, &stats); ++#endif + sig_file_out = sig_file; + sig_file = NULL; if (result != RS_DONE) - csync_fatal("Got an error from librsync, too bad!\n"); -
	Added	csync2-git20160401.tar.bz2 ^