From 14d8413448409518ec967b895290dbbb5cc0e7f3 Mon Sep 17 00:00:00 2001 From: Michael Krelin Date: Sat, 28 Jul 2007 19:23:02 +0000 Subject: net-im/jabberd: added ssl fix to the patch. Signed-off-by: Michael Krelin --- (limited to 'net-im/jabberd/files/jabberd-2.1.11-r2.patch') diff --git a/net-im/jabberd/files/jabberd-2.1.11-r2.patch b/net-im/jabberd/files/jabberd-2.1.11-r2.patch new file mode 100644 index 0000000..dbf441a --- a/dev/null +++ b/net-im/jabberd/files/jabberd-2.1.11-r2.patch @@ -0,0 +1,299 @@ +diff --git a/c2s/main.c b/c2s/main.c +index a86e571..0bf89e6 100644 +--- a/c2s/main.c ++++ b/c2s/main.c +@@ -698,6 +698,7 @@ JABBER_MAIN("jabberd2c2s", "Jabber 2 C2S", "Jabber Open Source Server: Client to + if(sess->ip != NULL) free(sess->ip); + if(sess->result != NULL) nad_free(sess->result); + if(sess->jid != NULL) jid_free(sess->jid); ++ if(sess->rate != NULL) rate_free(sess->rate); + + free(sess); + } +diff --git a/configure.ac b/configure.ac +index 099aec9..29dca26 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -494,37 +494,48 @@ AM_CONDITIONAL(STORAGE_MYSQL, [test "x-$have_mysql" = "x-yes"]) + + # PostgreSQL + AC_ARG_ENABLE([pgsql], +- AC_HELP_STRING([--enable-pgsql], [enable PostgreSQL auth/reg/storage support (no)]), +- [enable_pgsql=$enableval have_pgsql=no], ++ AC_HELP_STRING([--enable-pgsql], ++ [enable PostgreSQL auth/reg/storage support, you can provide path to ++ pg_config executable (no)]), ++ [enable_pgsql="$enableval" have_pgsql=no], + [enable_pgsql=no have_pgsql=no]) +-if test "x-$enable_pgsql" = "x-yes" ; then +- for i in /usr /usr/local /usr/local/pgsql ; do +- for j in include include/pgsql include/postgres include/postgresql "" ; do +- if test -r "$i/$j/libpq-fe.h" ; then +- PGSQL_INCLUDE=$i/$j +- fi +- done +- for lib in lib lib64 ; do +- for j in $lib $lib/pgsql $lib/postgres $lib/postgresql "" ; do +- if test -f "$i/$j/libpq.so" || test -f "$i/$j/libpq.a" ; then +- PGSQL_LIBDIR=$i/$j +- fi +- done +- done +- done +- AC_CHECK_LIB([pq], [PQsetdbLogin], [ +- have_pgsql=yes +- if test "x-$PGSQL_INCLUDE" != "x-"; then +- PGSQL_CFLAGS="-I $PGSQL_INCLUDE" +- fi +- if test "x-$PGSQL_LIBDIR" != "x-"; then +- PGSQL_LIBS="-L$PGSQL_LIBDIR -lpq" +- fi +- AC_DEFINE(STORAGE_POSTGRES, 1, [Define to 1 if you want to use PostgreSQL for storage.]) +- ]) +- if test "x-$have_pgsql" != "x-yes" ; then +- AC_MSG_ERROR([PostgreSQL support requested, but headers/libraries not found.]) +- fi ++if test "x-$enable_pgsql" != "x-no" ; then ++ if test -x "$enable_pgsql" ; then ++ PGSQL_INCLUDE="$($enable_pgsql --includedir)" ++ PGSQL_LIBDIR="$($enable_pgsql --libdir)" ++ PGSQL_CFLAGS="-I$PGSQL_INCLUDE" ++ PGSQL_LIBS="-L$PGSQL_LIBDIR -lpq" ++ have_pgsql=yes ++ AC_DEFINE([STORAGE_POSTGRES],[1],[Define to 1 if you want to use PostgreSQL for storage.]) ++ else # leave legacy detection intact for now ++ for i in /usr /usr/local /usr/local/pgsql ; do ++ for j in include include/pgsql include/postgres include/postgresql "" ; do ++ if test -r "$i/$j/libpq-fe.h" ; then ++ PGSQL_INCLUDE=$i/$j ++ fi ++ done ++ for lib in lib lib64 ; do ++ for j in $lib $lib/pgsql $lib/postgres $lib/postgresql "" ; do ++ if test -f "$i/$j/libpq.so" || test -f "$i/$j/libpq.a" ; then ++ PGSQL_LIBDIR=$i/$j ++ fi ++ done ++ done ++ done ++ AC_CHECK_LIB([pq], [PQsetdbLogin], [ ++ have_pgsql=yes ++ if test "x-$PGSQL_INCLUDE" != "x-"; then ++ PGSQL_CFLAGS="-I $PGSQL_INCLUDE" ++ fi ++ if test "x-$PGSQL_LIBDIR" != "x-"; then ++ PGSQL_LIBS="-L$PGSQL_LIBDIR -lpq" ++ fi ++ AC_DEFINE(STORAGE_POSTGRES, 1, [Define to 1 if you want to use PostgreSQL for storage.]) ++ ]) ++ if test "x-$have_pgsql" != "x-yes" ; then ++ AC_MSG_ERROR([PostgreSQL support requested, but headers/libraries not found.]) ++ fi ++ fi + fi + AC_SUBST(PGSQL_CFLAGS) + AC_SUBST(PGSQL_LIBS) +diff --git a/etc/c2s.xml.dist.in b/etc/c2s.xml.dist.in +index 873a133..0589ada 100644 +--- a/etc/c2s.xml.dist.in ++++ b/etc/c2s.xml.dist.in +@@ -325,6 +325,11 @@ + + + ++ ++ dbname=jabberd2 user=jabberd2 password=secret ++ ++ ++ + + localhost + 5432 +diff --git a/mio/mio_impl.h b/mio/mio_impl.h +index 6f72a5c..cabdc67 100644 +--- a/mio/mio_impl.h ++++ b/mio/mio_impl.h +@@ -226,8 +226,12 @@ static void _mio_run(mio_t m, int timeout) + { + mio_fd_t fd = MIO_ITERATOR_FD(m,iter); + +- /* skip dead slots */ +- if(FD(m,fd)->type == type_CLOSED) continue; ++ /* deferred closing fd */ ++ if(FD(m,fd)->type == type_CLOSED) ++ { ++ MIO_FREE_FD(m, fd); ++ continue; ++ } + + /* new conns on a listen socket */ + if(FD(m,fd)->type == type_LISTEN && MIO_CAN_READ(m,iter)) +@@ -259,12 +263,6 @@ static void _mio_run(mio_t m, int timeout) + if(ACT(m, fd, action_WRITE, NULL) == 0) + MIO_UNSET_WRITE(m, FD(m,fd)); + } +- +- /* deferred closing fd */ +- if(FD(m,fd)->type == type_CLOSED) +- { +- MIO_FREE_FD(m, fd); +- } + } + } + +diff --git a/sm/main.c b/sm/main.c +index 2f1439d..9f27829 100644 +--- a/sm/main.c ++++ b/sm/main.c +@@ -392,6 +392,7 @@ JABBER_MAIN("jabberd2sm", "Jabber 2 Session Manager", "Jabber Open Source Server + xhash_free(sm->acls); + xhash_free(sm->features); + xhash_free(sm->xmlns); ++ xhash_free(sm->xmlns_refcount); + xhash_free(sm->users); + + sx_free(sm->router); +diff --git a/sm/mod_privacy.c b/sm/mod_privacy.c +index 06f9e6e..5abf065 100644 +--- a/sm/mod_privacy.c ++++ b/sm/mod_privacy.c +@@ -205,7 +205,7 @@ static int _privacy_user_load(mod_instance_t mi, user_t user) { + continue; + } + +- pool_cleanup(zlist->p, free, zitem->jid); ++ pool_cleanup(zlist->p, jid_free, zitem->jid); + + log_debug(ZONE, "jid item with value '%s'", jid_full(zitem->jid)); + +@@ -696,7 +696,7 @@ static mod_ret_t _privacy_in_sess(mod_instance_t mi, sess_t sess, pkt_t pkt) { + return -stanza_err_BAD_REQUEST; + } + +- pool_cleanup(p, free, zitem->jid); ++ pool_cleanup(p, jid_free, zitem->jid); + + log_debug(ZONE, "jid item with value '%s'", jid_full(zitem->jid)); + +diff --git a/storage/authreg_pgsql.c b/storage/authreg_pgsql.c +index 1f15e83..5f1583d 100644 +--- a/storage/authreg_pgsql.c ++++ b/storage/authreg_pgsql.c +@@ -302,9 +302,13 @@ int _ar_pgsql_check_sql( authreg_t ar, char * sql, char * types ) { + return 1; + } + ++#ifdef HAVE_SSL ++extern int sx_openssl_initialized; ++#endif ++ + /** start me up */ + int ar_init(authreg_t ar) { +- char *host, *port, *dbname, *user, *pass; ++ char *host, *port, *dbname, *user, *pass, *conninfo; + char *create, *select, *setpassword, *delete; + char *table, *username, *realm; + char *template; +@@ -391,15 +395,26 @@ int ar_init(authreg_t ar) { + free(setpassword); + free(delete); + +- host = config_get_one(ar->c2s->config, "authreg.pgsql.host", 0); +- port = config_get_one(ar->c2s->config, "authreg.pgsql.port", 0); +- dbname = config_get_one(ar->c2s->config, "authreg.pgsql.dbname", 0); +- user = config_get_one(ar->c2s->config, "authreg.pgsql.user", 0); +- pass = config_get_one(ar->c2s->config, "authreg.pgsql.pass", 0); +- +- log_debug( ZONE, "pgsql connecting as '%s' to database '%s' on %s:%s", user, dbname, host, port ); ++#ifdef HAVE_SSL ++ if(sx_openssl_initialized) ++ PQinitSSL(0); ++#endif ++ conninfo = config_get_one(ar->c2s->config,"authreg.pgsql.conninfo",0); ++ if(conninfo) { ++ /* don't log connection info for it can contain password */ ++ log_debug( ZONE, "pgsql connecting to the databse"); ++ conn = PQconnectdb(conninfo); ++ }else{ ++ /* compatibility settings */ ++ host = config_get_one(ar->c2s->config, "authreg.pgsql.host", 0); ++ port = config_get_one(ar->c2s->config, "authreg.pgsql.port", 0); ++ dbname = config_get_one(ar->c2s->config, "authreg.pgsql.dbname", 0); ++ user = config_get_one(ar->c2s->config, "authreg.pgsql.user", 0); ++ pass = config_get_one(ar->c2s->config, "authreg.pgsql.pass", 0); ++ log_debug( ZONE, "pgsql connecting as '%s' to database '%s' on %s:%s", user, dbname, host, port ); ++ conn = PQsetdbLogin(host, port, NULL, NULL, dbname, user, pass); ++ } + +- conn = PQsetdbLogin(host, port, NULL, NULL, dbname, user, pass); + if(conn == NULL) { + log_write(ar->c2s->log, LOG_ERR, "pgsql: unable to allocate database connection state"); + return 1; +diff --git a/sx/sasl_gsasl.c b/sx/sasl_gsasl.c +index 69eeec2..0036c0f 100644 +--- a/sx/sasl_gsasl.c ++++ b/sx/sasl_gsasl.c +@@ -338,6 +338,7 @@ static void _sx_sasl_client_process(sx_t s, sx_plugin_t p, Gsasl_session *sd, ch + if(ret != GSASL_OK && ret != GSASL_NEEDS_MORE) { + _sx_debug(ZONE, "gsasl_step failed, no sasl for this conn; (%d): %s", ret, gsasl_strerror(ret)); + _sx_nad_write(s, _sx_sasl_failure(s, _sasl_err_MALFORMED_REQUEST), 0); ++ if(buf != NULL) free(buf); + return; + } + } +@@ -350,6 +351,7 @@ static void _sx_sasl_client_process(sx_t s, sx_plugin_t p, Gsasl_session *sd, ch + if(ret != GSASL_OK && ret != GSASL_NEEDS_MORE) { + _sx_debug(ZONE, "gsasl_step failed, no sasl for this conn; (%d): %s", ret, gsasl_strerror(ret)); + _sx_nad_write(s, _sx_sasl_failure(s, _sasl_err_MALFORMED_REQUEST), 0); ++ if(buf != NULL) free(buf); + return; + } + +diff --git a/sx/ssl.c b/sx/ssl.c +index 62c4258..9359f4d 100644 +--- a/sx/ssl.c ++++ b/sx/ssl.c +@@ -628,6 +628,8 @@ static void _sx_ssl_unload(sx_plugin_t p) { + SSL_CTX_free((SSL_CTX *) p->private); + } + ++int sx_openssl_initialized = 0; ++ + /** args: pemfile */ + int sx_ssl_init(sx_env_t env, sx_plugin_t p, va_list args) { + char *pemfile, *cachain; +@@ -653,6 +655,8 @@ int sx_ssl_init(sx_env_t env, sx_plugin_t p, va_list args) { + SSL_library_init(); + SSL_load_error_strings(); + ++ sx_openssl_initialized = 1; ++ + /* create the context */ + ctx = SSL_CTX_new(SSLv23_method()); + if(ctx == NULL) { +diff --git a/util/jid.c b/util/jid.c +index 695b15f..f4b0021 100644 +--- a/util/jid.c ++++ b/util/jid.c +@@ -332,7 +332,7 @@ static jid_t jid_reset_components_internal(jid_t jid, const unsigned char *node, + else { + /* allocate new data buffer */ + jid->jid_data_len = node_l+domain_l+resource_l+3; +- jid->jid_data = malloc(jid->jid_data_len); ++ jid->jid_data = realloc(jid->jid_data, jid->jid_data_len); + } + + /* copy to buffer */ +diff --git a/util/nad.c b/util/nad.c +index 2ac8670..eec3c17 100644 +--- a/util/nad.c ++++ b/util/nad.c +@@ -61,7 +61,7 @@ static void _nad_ptr_check(const char *func, nad_t nad) { + #define _nad_ptr_check(func,nad) + #endif + +-#define BLOCKSIZE 1024 ++#define BLOCKSIZE 128 + + /** internal: do and return the math and ensure it gets realloc'd */ + static int _nad_realloc(void **oblocks, int len) -- cgit v0.9.0.2