Backport upstream commit to fix CVE-2014-8760. Bump PKGREVISION.

This commit is contained in:
fhajny 2014-11-13 09:45:47 +00:00
parent 491623caf1
commit b4eb3326bc
3 changed files with 27 additions and 3 deletions

View file

@ -1,7 +1,7 @@
# $NetBSD: Makefile,v 1.46 2014/10/16 12:47:59 fhajny Exp $
# $NetBSD: Makefile,v 1.47 2014/11/13 09:45:47 fhajny Exp $
DISTNAME= ejabberd-14.07
PKGREVISION= 3
PKGREVISION= 4
CATEGORIES= chat
MASTER_SITES= http://www.process-one.net/downloads/ejabberd/${PKGVERSION_NOREV}/
EXTRACT_SUFX= .tgz

View file

@ -1,4 +1,4 @@
$NetBSD: distinfo,v 1.27 2014/10/16 12:47:59 fhajny Exp $
$NetBSD: distinfo,v 1.28 2014/11/13 09:45:47 fhajny Exp $
SHA1 (ejabberd-14.07-deps.tar.gz) = 102a78c428fe587d57385c66a11cc731d2ec434e
RMD160 (ejabberd-14.07-deps.tar.gz) = 02c28e5a0c234800811d8ff24ca6afab4d3d0eec
@ -11,3 +11,4 @@ SHA1 (patch-ad) = cdd7a61333f3206ac3ae9168b1878a059da25988
SHA1 (patch-ae) = 542ac36eecc4b679dded78e56903686060fd643a
SHA1 (patch-configure) = 8cf03f571ef13ed825b445e0f1664d387895b8fe
SHA1 (patch-deps_p1__iconv_rebar.config) = e9252229695195ebfe5aeea7ef3ef2c6cd95bc02
SHA1 (patch-src_ejabberd__c2s.erl) = f9b8a00e1d5f85134cce8bb9b770d1e41a29b906

View file

@ -0,0 +1,23 @@
$NetBSD: patch-src_ejabberd__c2s.erl,v 1.1 2014/11/13 09:45:47 fhajny Exp $
Backport upstream commit to fix CVE-2014-8760
--- src/ejabberd_c2s.erl.orig 2014-07-22 15:42:49.000000000 +0000
+++ src/ejabberd_c2s.erl
@@ -718,7 +718,7 @@ wait_for_feature_request({xmlstreameleme
(StateData#state.sockmod):get_sockmod(StateData#state.socket),
case {xml:get_attr_s(<<"xmlns">>, Attrs), Name} of
{?NS_SASL, <<"auth">>}
- when not ((SockMod == gen_tcp) and TLSRequired) ->
+ when TLSEnabled or not TLSRequired ->
Mech = xml:get_attr_s(<<"mechanism">>, Attrs),
ClientIn = jlib:decode_base64(xml:get_cdata(Els)),
case cyrsasl:server_start(StateData#state.sasl_state,
@@ -832,7 +832,7 @@ wait_for_feature_request({xmlstreameleme
end
end;
_ ->
- if (SockMod == gen_tcp) and TLSRequired ->
+ if TLSRequired and not TLSEnabled ->
Lang = StateData#state.lang,
send_element(StateData,
?POLICY_VIOLATION_ERR(Lang,