Github messages for voidlinux
 help / color / mirror / Atom feed
* [PR PATCH] rabbitmq-c: update to 0.10.0
@ 2020-11-19 22:23 ndowens
  2020-11-20 23:55 ` [PR PATCH] [Updated] " ndowens
  2020-11-23  3:47 ` [PR PATCH] [Merged]: " ericonr
  0 siblings, 2 replies; 3+ messages in thread
From: ndowens @ 2020-11-19 22:23 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 316 bytes --]

There is a new pull request by ndowens against master on the void-packages repository

https://github.com/ndowens/void-packages rabbitmq-c
https://github.com/void-linux/void-packages/pull/26512

rabbitmq-c: update to 0.10.0


A patch file from https://github.com/void-linux/void-packages/pull/26512.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-rabbitmq-c-26512.patch --]
[-- Type: text/x-diff, Size: 7995 bytes --]

From 3e6103e424c49d6bc727a4f21abc8516bcefe215 Mon Sep 17 00:00:00 2001
From: Nathan Owens <ndowens@artixlinux.org>
Date: Thu, 19 Nov 2020 16:22:25 -0600
Subject: [PATCH] rabbitmq-c: update to 0.10.0

---
 .../rabbitmq-c/patches/CVE-2019-18609.patch   | 47 ----------
 srcpkgs/rabbitmq-c/patches/test.patch         | 89 +++++++++++++++++++
 srcpkgs/rabbitmq-c/template                   | 13 +--
 3 files changed, 96 insertions(+), 53 deletions(-)
 delete mode 100644 srcpkgs/rabbitmq-c/patches/CVE-2019-18609.patch
 create mode 100644 srcpkgs/rabbitmq-c/patches/test.patch

diff --git a/srcpkgs/rabbitmq-c/patches/CVE-2019-18609.patch b/srcpkgs/rabbitmq-c/patches/CVE-2019-18609.patch
deleted file mode 100644
index 7f26bfde463..00000000000
--- a/srcpkgs/rabbitmq-c/patches/CVE-2019-18609.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From fc85be7123050b91b054e45b91c78d3241a5047a Mon Sep 17 00:00:00 2001
-From: Alan Antonuk <alan.antonuk@gmail.com>
-Date: Sun, 3 Nov 2019 23:50:07 -0800
-Subject: [PATCH] lib: check frame_size is >= INT32_MAX
-
-When parsing a frame header, validate that the frame_size is less than
-or equal to INT32_MAX. Given frame_max is limited between 0 and
-INT32_MAX in amqp_login and friends, this does not change the API.
-
-This prevents a potential buffer overflow when a malicious client sends
-a frame_size that is close to UINT32_MAX, in which causes an overflow
-when computing state->target_size resulting in a small value there. A
-buffer is then allocated with the small amount, then memcopy copies the
-frame_size writing to memory beyond the end of the buffer.
----
- librabbitmq/amqp_connection.c | 15 ++++++++++++---
- 1 file changed, 12 insertions(+), 3 deletions(-)
-
-diff --git librabbitmq/amqp_connection.c librabbitmq/amqp_connection.c
-index 034b2e96..b106f70a 100644
---- librabbitmq/amqp_connection.c
-+++ librabbitmq/amqp_connection.c
-@@ -287,12 +287,21 @@ int amqp_handle_input(amqp_connection_state_t state, amqp_bytes_t received_data,
-     case CONNECTION_STATE_HEADER: {
-       amqp_channel_t channel;
-       amqp_pool_t *channel_pool;
--      /* frame length is 3 bytes in */
-+      uint32_t frame_size;
-+
-       channel = amqp_d16(amqp_offset(raw_frame, 1));
- 
--      state->target_size =
--          amqp_d32(amqp_offset(raw_frame, 3)) + HEADER_SIZE + FOOTER_SIZE;
-+      /* frame length is 3 bytes in */
-+      frame_size = amqp_d32(amqp_offset(raw_frame, 3));
-+      /* To prevent the target_size calculation below from overflowing, check
-+       * that the stated frame_size is smaller than a signed 32-bit. Given
-+       * the library only allows configuring frame_max as an int32_t, and
-+       * frame_size is uint32_t, the math below is safe from overflow. */
-+      if (frame_size >= INT32_MAX) {
-+        return AMQP_STATUS_BAD_AMQP_DATA;
-+      }
- 
-+      state->target_size = frame_size + HEADER_SIZE + FOOTER_SIZE;
-       if ((size_t)state->frame_max < state->target_size) {
-         return AMQP_STATUS_BAD_AMQP_DATA;
-       }
diff --git a/srcpkgs/rabbitmq-c/patches/test.patch b/srcpkgs/rabbitmq-c/patches/test.patch
new file mode 100644
index 00000000000..5f87d166798
--- /dev/null
+++ b/srcpkgs/rabbitmq-c/patches/test.patch
@@ -0,0 +1,89 @@
+From 26ecf6d3012be81f5dfb8a2d822c722e916a86cb Mon Sep 17 00:00:00 2001
+From: Simon Lepasteur <simon.lepasteur@swissdotnet.ch>
+Date: Wed, 11 Mar 2020 15:13:29 +0100
+Subject: [PATCH] Add option to run system tests (disabled by default).
+
+System tests require a RabbitMQ or other AMQP server to be running on
+`localhost` at TCP port number 5672 and therefore fails if no such
+server is running on the build machine.
+
+This is surprising for everyone running the standard `make test`
+to ensure the library is built correctly.
+---
+ .travis.yml          | 2 +-
+ CMakeLists.txt       | 1 +
+ README.md            | 2 ++
+ appveyor.yml         | 2 +-
+ tests/CMakeLists.txt | 8 +++++---
+ 5 files changed, 10 insertions(+), 5 deletions(-)
+
+diff --git .travis.yml .travis.yml
+index 52a66b9c..5f56cb03 100644
+--- .travis.yml
++++ .travis.yml
+@@ -19,7 +19,7 @@ addons:
+       name: "alanxz/rabbitmq-c"
+       description: "C AMQP client for RabbitMQ"
+     notification_email: alan.antonuk@gmail.com
+-    build_command_prepend: mkdir build && pushd build && cmake .. && popd
++    build_command_prepend: mkdir build && pushd build && cmake .. -DRUN_SYSTEM_TESTS=ON && popd
+     build_command: cmake --build ./build
+     branch_pattern: coverity_scan
+ 
+diff --git CMakeLists.txt CMakeLists.txt
+index f620ddc8..a39645f4 100644
+--- CMakeLists.txt
++++ CMakeLists.txt
+@@ -266,6 +266,7 @@ option(BUILD_TOOLS "Build Tools (requires POPT Library)" ${POPT_FOUND})
+ option(BUILD_TOOLS_DOCS "Build man pages for Tools (requires xmlto)" ${DO_DOCS})
+ option(BUILD_TESTS "Build tests (run tests with make test)" ON)
+ option(BUILD_API_DOCS "Build Doxygen API docs" ${DOXYGEN_FOUND})
++option(RUN_SYSTEM_TESTS "Run system tests (i.e. tests requiring an accessible RabbitMQ server instance on localhost)" OFF)
+ 
+ if (NOT BUILD_SHARED_LIBS AND NOT BUILD_STATIC_LIBS)
+     message(FATAL_ERROR "One or both of BUILD_SHARED_LIBS or BUILD_STATIC_LIBS must be set to ON to build")
+diff --git README.md README.md
+index b7776c65..31347b15 100644
+--- README.md
++++ README.md
+@@ -84,6 +84,8 @@ Other interesting flags that can be passed to CMake:
+    default this is ON if the OpenSSL headers and library can be found.
+ * `BUILD_API_DOCS=ON/OFF` - toggles building the Doxygen API documentation, by
+    default this is OFF
++* `RUN_SYSTEM_TESTS=ON/OFF` toggles building the system tests (i.e. tests requiring 
++   an accessible RabbitMQ server instance on localhost), by default this is OFF
+ 
+ ## Running the examples
+ 
+diff --git appveyor.yml appveyor.yml
+index 7e41c099..af315227 100644
+--- appveyor.yml
++++ appveyor.yml
+@@ -30,7 +30,7 @@ install:
+   - "Win%BITS%OpenSSL-%OPENSSL_VER%.exe /SP- /SILENT /SUPPRESSMSGBOXES /NORESTART"
+ 
+ before_build:
+-  - cmake -DBUILD_SHARED_LIBS=ON -DBUILD_STATIC_LIBS=ON -DBUILD_TESTS=ON -DENABLE_SSL_SUPPORT=True -G"%GENERATOR%" .
++  - cmake -DBUILD_SHARED_LIBS=ON -DBUILD_STATIC_LIBS=ON -DBUILD_TESTS=ON -DRUN_SYSTEM_TESTS=ON -DENABLE_SSL_SUPPORT=True -G"%GENERATOR%" .
+ 
+ build:
+   project: ALL_BUILD.vcxproj
+diff --git tests/CMakeLists.txt tests/CMakeLists.txt
+index cf042b04..320a73d7 100644
+--- tests/CMakeLists.txt
++++ tests/CMakeLists.txt
+@@ -33,9 +33,11 @@ add_executable(test_basic
+                test_basic.c)
+ target_link_libraries(test_basic rabbitmq-static)
+ 
+-if (NOT APPLE)
+-  add_test(basic test_basic)
+-endif()
++if (RUN_SYSTEM_TESTS)
++  if (NOT APPLE)
++    add_test(basic test_basic)
++  endif()
++endif(RUN_SYSTEM_TESTS)
+ 
+ add_executable(test_sasl_mechanism test_sasl_mechanism.c)
+ target_link_libraries(test_sasl_mechanism rabbitmq-static)
diff --git a/srcpkgs/rabbitmq-c/template b/srcpkgs/rabbitmq-c/template
index 4d6533bf209..606905e2161 100644
--- a/srcpkgs/rabbitmq-c/template
+++ b/srcpkgs/rabbitmq-c/template
@@ -1,8 +1,9 @@
 # Template file for 'rabbitmq-c'
 pkgname=rabbitmq-c
-version=0.9.0
-revision=3
+version=0.10.0
+revision=1
 build_style=cmake
+make_check_target=test
 hostmakedepends="popt xmlto doxygen"
 makedepends="libressl-devel"
 short_desc="RabbitMQ C client"
@@ -10,10 +11,10 @@ maintainer="Hans-J. Schmid <knock@myopendoor.de>"
 license="MIT"
 homepage="https://github.com/alanxz/rabbitmq-c"
 distfiles="https://github.com/alanxz/${pkgname}/archive/v${version}.tar.gz"
-checksum=316c0d156452b488124806911a62e0c2aa8a546d38fc8324719cd29aaa493024
+checksum=6455efbaebad8891c59f274a852b75b5cc51f4d669dfc78d2ae7e6cc97fcd8c0
 
 post_install() {
-	vlicense LICENSE-MIT
+	vlicense LICENSE-MIT LICENSE
 }
 
 rabbitmq-c-devel_package() {
@@ -22,7 +23,7 @@ rabbitmq-c-devel_package() {
 	pkg_install() {
 		vmove usr/include
 		vmove usr/lib/pkgconfig
-		vmove usr/lib/*.a
-		vmove usr/lib/*.so
+		vmove "usr/lib/*.a"
+		vmove "usr/lib/*.so"
 	}
 }

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PR PATCH] [Updated] rabbitmq-c: update to 0.10.0
  2020-11-19 22:23 [PR PATCH] rabbitmq-c: update to 0.10.0 ndowens
@ 2020-11-20 23:55 ` ndowens
  2020-11-23  3:47 ` [PR PATCH] [Merged]: " ericonr
  1 sibling, 0 replies; 3+ messages in thread
From: ndowens @ 2020-11-20 23:55 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 338 bytes --]

There is an updated pull request by ndowens against master on the void-packages repository

https://github.com/ndowens/void-packages rabbitmq-c
https://github.com/void-linux/void-packages/pull/26512

rabbitmq-c: update to 0.10.0
check passed 100%

A patch file from https://github.com/void-linux/void-packages/pull/26512.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-rabbitmq-c-26512.patch --]
[-- Type: text/x-diff, Size: 7995 bytes --]

From 0accd0f310f7ac3a00a18aab9372cf16596e6a96 Mon Sep 17 00:00:00 2001
From: Nathan Owens <ndowens@artixlinux.org>
Date: Thu, 19 Nov 2020 16:22:25 -0600
Subject: [PATCH] rabbitmq-c: update to 0.10.0

---
 .../rabbitmq-c/patches/CVE-2019-18609.patch   | 47 ----------
 srcpkgs/rabbitmq-c/patches/test.patch         | 89 +++++++++++++++++++
 srcpkgs/rabbitmq-c/template                   | 13 +--
 3 files changed, 96 insertions(+), 53 deletions(-)
 delete mode 100644 srcpkgs/rabbitmq-c/patches/CVE-2019-18609.patch
 create mode 100644 srcpkgs/rabbitmq-c/patches/test.patch

diff --git a/srcpkgs/rabbitmq-c/patches/CVE-2019-18609.patch b/srcpkgs/rabbitmq-c/patches/CVE-2019-18609.patch
deleted file mode 100644
index 7f26bfde463..00000000000
--- a/srcpkgs/rabbitmq-c/patches/CVE-2019-18609.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From fc85be7123050b91b054e45b91c78d3241a5047a Mon Sep 17 00:00:00 2001
-From: Alan Antonuk <alan.antonuk@gmail.com>
-Date: Sun, 3 Nov 2019 23:50:07 -0800
-Subject: [PATCH] lib: check frame_size is >= INT32_MAX
-
-When parsing a frame header, validate that the frame_size is less than
-or equal to INT32_MAX. Given frame_max is limited between 0 and
-INT32_MAX in amqp_login and friends, this does not change the API.
-
-This prevents a potential buffer overflow when a malicious client sends
-a frame_size that is close to UINT32_MAX, in which causes an overflow
-when computing state->target_size resulting in a small value there. A
-buffer is then allocated with the small amount, then memcopy copies the
-frame_size writing to memory beyond the end of the buffer.
----
- librabbitmq/amqp_connection.c | 15 ++++++++++++---
- 1 file changed, 12 insertions(+), 3 deletions(-)
-
-diff --git librabbitmq/amqp_connection.c librabbitmq/amqp_connection.c
-index 034b2e96..b106f70a 100644
---- librabbitmq/amqp_connection.c
-+++ librabbitmq/amqp_connection.c
-@@ -287,12 +287,21 @@ int amqp_handle_input(amqp_connection_state_t state, amqp_bytes_t received_data,
-     case CONNECTION_STATE_HEADER: {
-       amqp_channel_t channel;
-       amqp_pool_t *channel_pool;
--      /* frame length is 3 bytes in */
-+      uint32_t frame_size;
-+
-       channel = amqp_d16(amqp_offset(raw_frame, 1));
- 
--      state->target_size =
--          amqp_d32(amqp_offset(raw_frame, 3)) + HEADER_SIZE + FOOTER_SIZE;
-+      /* frame length is 3 bytes in */
-+      frame_size = amqp_d32(amqp_offset(raw_frame, 3));
-+      /* To prevent the target_size calculation below from overflowing, check
-+       * that the stated frame_size is smaller than a signed 32-bit. Given
-+       * the library only allows configuring frame_max as an int32_t, and
-+       * frame_size is uint32_t, the math below is safe from overflow. */
-+      if (frame_size >= INT32_MAX) {
-+        return AMQP_STATUS_BAD_AMQP_DATA;
-+      }
- 
-+      state->target_size = frame_size + HEADER_SIZE + FOOTER_SIZE;
-       if ((size_t)state->frame_max < state->target_size) {
-         return AMQP_STATUS_BAD_AMQP_DATA;
-       }
diff --git a/srcpkgs/rabbitmq-c/patches/test.patch b/srcpkgs/rabbitmq-c/patches/test.patch
new file mode 100644
index 00000000000..5f87d166798
--- /dev/null
+++ b/srcpkgs/rabbitmq-c/patches/test.patch
@@ -0,0 +1,89 @@
+From 26ecf6d3012be81f5dfb8a2d822c722e916a86cb Mon Sep 17 00:00:00 2001
+From: Simon Lepasteur <simon.lepasteur@swissdotnet.ch>
+Date: Wed, 11 Mar 2020 15:13:29 +0100
+Subject: [PATCH] Add option to run system tests (disabled by default).
+
+System tests require a RabbitMQ or other AMQP server to be running on
+`localhost` at TCP port number 5672 and therefore fails if no such
+server is running on the build machine.
+
+This is surprising for everyone running the standard `make test`
+to ensure the library is built correctly.
+---
+ .travis.yml          | 2 +-
+ CMakeLists.txt       | 1 +
+ README.md            | 2 ++
+ appveyor.yml         | 2 +-
+ tests/CMakeLists.txt | 8 +++++---
+ 5 files changed, 10 insertions(+), 5 deletions(-)
+
+diff --git .travis.yml .travis.yml
+index 52a66b9c..5f56cb03 100644
+--- .travis.yml
++++ .travis.yml
+@@ -19,7 +19,7 @@ addons:
+       name: "alanxz/rabbitmq-c"
+       description: "C AMQP client for RabbitMQ"
+     notification_email: alan.antonuk@gmail.com
+-    build_command_prepend: mkdir build && pushd build && cmake .. && popd
++    build_command_prepend: mkdir build && pushd build && cmake .. -DRUN_SYSTEM_TESTS=ON && popd
+     build_command: cmake --build ./build
+     branch_pattern: coverity_scan
+ 
+diff --git CMakeLists.txt CMakeLists.txt
+index f620ddc8..a39645f4 100644
+--- CMakeLists.txt
++++ CMakeLists.txt
+@@ -266,6 +266,7 @@ option(BUILD_TOOLS "Build Tools (requires POPT Library)" ${POPT_FOUND})
+ option(BUILD_TOOLS_DOCS "Build man pages for Tools (requires xmlto)" ${DO_DOCS})
+ option(BUILD_TESTS "Build tests (run tests with make test)" ON)
+ option(BUILD_API_DOCS "Build Doxygen API docs" ${DOXYGEN_FOUND})
++option(RUN_SYSTEM_TESTS "Run system tests (i.e. tests requiring an accessible RabbitMQ server instance on localhost)" OFF)
+ 
+ if (NOT BUILD_SHARED_LIBS AND NOT BUILD_STATIC_LIBS)
+     message(FATAL_ERROR "One or both of BUILD_SHARED_LIBS or BUILD_STATIC_LIBS must be set to ON to build")
+diff --git README.md README.md
+index b7776c65..31347b15 100644
+--- README.md
++++ README.md
+@@ -84,6 +84,8 @@ Other interesting flags that can be passed to CMake:
+    default this is ON if the OpenSSL headers and library can be found.
+ * `BUILD_API_DOCS=ON/OFF` - toggles building the Doxygen API documentation, by
+    default this is OFF
++* `RUN_SYSTEM_TESTS=ON/OFF` toggles building the system tests (i.e. tests requiring 
++   an accessible RabbitMQ server instance on localhost), by default this is OFF
+ 
+ ## Running the examples
+ 
+diff --git appveyor.yml appveyor.yml
+index 7e41c099..af315227 100644
+--- appveyor.yml
++++ appveyor.yml
+@@ -30,7 +30,7 @@ install:
+   - "Win%BITS%OpenSSL-%OPENSSL_VER%.exe /SP- /SILENT /SUPPRESSMSGBOXES /NORESTART"
+ 
+ before_build:
+-  - cmake -DBUILD_SHARED_LIBS=ON -DBUILD_STATIC_LIBS=ON -DBUILD_TESTS=ON -DENABLE_SSL_SUPPORT=True -G"%GENERATOR%" .
++  - cmake -DBUILD_SHARED_LIBS=ON -DBUILD_STATIC_LIBS=ON -DBUILD_TESTS=ON -DRUN_SYSTEM_TESTS=ON -DENABLE_SSL_SUPPORT=True -G"%GENERATOR%" .
+ 
+ build:
+   project: ALL_BUILD.vcxproj
+diff --git tests/CMakeLists.txt tests/CMakeLists.txt
+index cf042b04..320a73d7 100644
+--- tests/CMakeLists.txt
++++ tests/CMakeLists.txt
+@@ -33,9 +33,11 @@ add_executable(test_basic
+                test_basic.c)
+ target_link_libraries(test_basic rabbitmq-static)
+ 
+-if (NOT APPLE)
+-  add_test(basic test_basic)
+-endif()
++if (RUN_SYSTEM_TESTS)
++  if (NOT APPLE)
++    add_test(basic test_basic)
++  endif()
++endif(RUN_SYSTEM_TESTS)
+ 
+ add_executable(test_sasl_mechanism test_sasl_mechanism.c)
+ target_link_libraries(test_sasl_mechanism rabbitmq-static)
diff --git a/srcpkgs/rabbitmq-c/template b/srcpkgs/rabbitmq-c/template
index 4d6533bf209..606905e2161 100644
--- a/srcpkgs/rabbitmq-c/template
+++ b/srcpkgs/rabbitmq-c/template
@@ -1,8 +1,9 @@
 # Template file for 'rabbitmq-c'
 pkgname=rabbitmq-c
-version=0.9.0
-revision=3
+version=0.10.0
+revision=1
 build_style=cmake
+make_check_target=test
 hostmakedepends="popt xmlto doxygen"
 makedepends="libressl-devel"
 short_desc="RabbitMQ C client"
@@ -10,10 +11,10 @@ maintainer="Hans-J. Schmid <knock@myopendoor.de>"
 license="MIT"
 homepage="https://github.com/alanxz/rabbitmq-c"
 distfiles="https://github.com/alanxz/${pkgname}/archive/v${version}.tar.gz"
-checksum=316c0d156452b488124806911a62e0c2aa8a546d38fc8324719cd29aaa493024
+checksum=6455efbaebad8891c59f274a852b75b5cc51f4d669dfc78d2ae7e6cc97fcd8c0
 
 post_install() {
-	vlicense LICENSE-MIT
+	vlicense LICENSE-MIT LICENSE
 }
 
 rabbitmq-c-devel_package() {
@@ -22,7 +23,7 @@ rabbitmq-c-devel_package() {
 	pkg_install() {
 		vmove usr/include
 		vmove usr/lib/pkgconfig
-		vmove usr/lib/*.a
-		vmove usr/lib/*.so
+		vmove "usr/lib/*.a"
+		vmove "usr/lib/*.so"
 	}
 }

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PR PATCH] [Merged]: rabbitmq-c: update to 0.10.0
  2020-11-19 22:23 [PR PATCH] rabbitmq-c: update to 0.10.0 ndowens
  2020-11-20 23:55 ` [PR PATCH] [Updated] " ndowens
@ 2020-11-23  3:47 ` ericonr
  1 sibling, 0 replies; 3+ messages in thread
From: ericonr @ 2020-11-23  3:47 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 179 bytes --]

There's a merged pull request on the void-packages repository

rabbitmq-c: update to 0.10.0
https://github.com/void-linux/void-packages/pull/26512

Description:
check passed 100%

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2020-11-23  3:47 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-19 22:23 [PR PATCH] rabbitmq-c: update to 0.10.0 ndowens
2020-11-20 23:55 ` [PR PATCH] [Updated] " ndowens
2020-11-23  3:47 ` [PR PATCH] [Merged]: " ericonr

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).