From 59eeba8d8515091e132d16170caaf7dc755876e1 Mon Sep 17 00:00:00 2001
From: Brian C. Lane
Date: Nov 09 2013 18:33:46 +0000
Subject: - Upstream v0.8.9 - CVE-2013-4550 - failed SSL handshake resource leak - Removed 2 patches included in new version
---
diff --git a/.gitignore b/.gitignore
index 9180ceb..fbc2aca 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
 bip-0.8.4.tar.gz
 /bip-0.8.6.tar.gz
 /bip-0.8.8.tar.gz
+/bip-0.8.9.tar.gz
diff --git a/0001-Revert-f19e1f6.-Fix-252.patch b/0001-Revert-f19e1f6.-Fix-252.patch
deleted file mode 100644
index e041e32..0000000
--- a/0001-Revert-f19e1f6.-Fix-252.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From f1bec50a9cc81417344f62e021e14c0a254737d6 Mon Sep 17 00:00:00 2001
-From: Pierre-Louis Bonicoli
-Date: Wed, 25 Jan 2012 04:03:18 +0100
-Subject: [PATCH 1/3] Revert f19e1f6. Fix #252.
-
-f19e1f6 introduces a regression (#252) and bug described in commit
-message can not be reproduced.
----
- src/log.c | 8 +++++++-
- 1 file changed, 7 insertions(+), 1 deletion(-)
-
-diff --git a/src/log.c b/src/log.c
-index 269c6cb..84922eb 100644
---- a/src/log.c
-+++ b/src/log.c
-@@ -533,7 +533,13 @@ static void do_log_privmsg(log_t *logdata, const char *storage, int src,
- void log_privmsg(log_t *logdata, const char *ircmask, const char *destination,
- const char *message)
- {
-- do_log_privmsg(logdata, destination, 0, ircmask, message);
-+ if (!ischannel(*destination)) {
-+ char *nick = nick_from_ircmask(ircmask);
-+ do_log_privmsg(logdata, nick, 0, ircmask, message);
-+ free(nick);
-+ } else {
-+ do_log_privmsg(logdata, destination, 0, ircmask, message);
-+ }
- }
-
- void log_cli_privmsg(log_t *logdata, const char *ircmask,
---
-1.7.10
-
diff --git a/0003-Buffer-Overflow-check-against-the-implicit-size-of-s.patch b/0003-Buffer-Overflow-check-against-the-implicit-size-of-s.patch
deleted file mode 100644
index 25ad10f..0000000
--- a/0003-Buffer-Overflow-check-against-the-implicit-size-of-s.patch
+++ /dev/null
@@ -1,129 +0,0 @@
-From a26cf2be67971b752c120fd3bbee9e7211159184 Mon Sep 17 00:00:00 2001
-From: Pierre-Louis Bonicoli
-Date: Sat, 7 Jan 2012 11:41:02 +0100
-Subject: [PATCH 3/3] Buffer Overflow: check against the implicit size of
- select() arrays
-
-Reported by Julien Tinnes (Fix #269)
-exit is called when the listening socket can not be created
----
- src/bip.c | 2 +-
- src/connection.c | 46 ++++++++++++++++++++++++++++++++++++++--------
- src/irc.c | 7 ++++---
- 3 files changed, 43 insertions(+), 12 deletions(-)
-
-diff --git a/src/bip.c b/src/bip.c
-index a361847..4c37570 100644
---- a/src/bip.c
-+++ b/src/bip.c
-@@ -1312,7 +1312,7 @@ int main(int argc, char **argv)
- close(fd);
-
- bip.listener = listen_new(conf_ip, conf_port, conf_css);
-- if (!bip.listener)
-+ if (!bip.listener || bip.listener->connected == CONN_ERROR)
- fatal("Could not create listening socket");
-
- for (;;) {
-diff --git a/src/connection.c b/src/connection.c
-index c793e18..cb8d976 100644
---- a/src/connection.c
-+++ b/src/connection.c
-@@ -124,6 +124,18 @@ static void connect_trynext(connection_t *cn)
- continue;
- }
-
-+ if (cn->handle >= FD_SETSIZE) {
-+ mylog(LOG_WARN, "too many fd used, close socket %d",
-+ cn->handle);
-+
-+ if (close(cn->handle) == -1)
-+ mylog(LOG_WARN, "Error on socket close: %s",
-+ strerror(errno));
-+
-+ cn->handle = -1;
-+ break;
-+ }
-+
- socket_set_nonblock(cn->handle);
-
- if (cn->connecting_data->src) {
-@@ -789,13 +801,8 @@ list_t *wait_event(list_t *cn_list, int *msec, int *nc)
- /*
- * This shouldn't happen ! just in case...
- */
-- if (cn->handle < 0) {
-- mylog(LOG_WARN, "wait_event invalid socket %d",
-- cn->handle);
-- if (cn_is_connected(cn))
-- cn->connected = CONN_ERROR;
-- continue;
-- }
-+ if (cn->handle < 0 || cn->handle >= FD_SETSIZE)
-+ fatal("wait_event invalid socket %d", cn->handle);
-
- /* exceptions are OOB and disconnections */
- FD_SET(cn->handle, &fds_except);
-@@ -966,6 +973,18 @@ static void create_listening_socket(char *hostname, char *port,
- continue;
- }
-
-+ if (cn->handle >= FD_SETSIZE) {
-+ mylog(LOG_WARN, "too many fd used, close listening socket %d",
-+ cn->handle);
-+
-+ if (close(cn->handle) == -1)
-+ mylog(LOG_WARN, "Error on socket close: %s",
-+ strerror(errno));
-+
-+ cn->handle = -1;
-+ break;
-+ }
-+
- if (setsockopt(cn->handle, SOL_SOCKET, SO_REUSEADDR,
- (char *)&multi_client,
- sizeof(multi_client)) < 0) {
-@@ -1113,10 +1132,21 @@ connection_t *accept_new(connection_t *cn)
-
- mylog(LOG_DEBUG, "Trying to accept new client on %d", cn->handle);
- err = accept(cn->handle, &sa, &sa_len);
-+
- if (err < 0) {
-- mylog(LOG_ERROR, "accept failed: %s", strerror(errno));
-+ fatal("accept failed: %s", strerror(errno));
-+ }
-+
-+ if (err >= FD_SETSIZE) {
-+ mylog(LOG_WARN, "too many client connected, close %d", err);
-+
-+ if (close(err) == -1)
-+ mylog(LOG_WARN, "Error on socket close: %s",
-+ strerror(errno));
-+
- return NULL;
- }
-+
- socket_set_nonblock(err);
-
- conn = connection_init(cn->anti_flood, cn->ssl, cn->timeout, 0);
-diff --git a/src/irc.c b/src/irc.c
-index 631af6f..0b7726a 100644
---- a/src/irc.c
-+++ b/src/irc.c
-@@ -2448,9 +2448,10 @@ void bip_on_event(bip_t *bip, connection_t *conn)
-
- if (conn == bip->listener) {
- struct link_client *n = irc_accept_new(conn);
-- assert(n);
-- list_add_last(&bip->conn_list, CONN(n));
-- list_add_last(&bip->connecting_client_list, n);
-+ if (n) {
-+ list_add_last(&bip->conn_list, CONN(n));
-+ list_add_last(&bip->connecting_client_list, n);
-+ }
- return;
- }
-
---
-1.7.6.5
-
diff --git a/bip.spec b/bip.spec
index b1a7ca6..0ce8169 100644
--- a/bip.spec
+++ b/bip.spec
@@ -1,6 +1,6 @@
 Name: bip
-Version: 0.8.8
-Release: 3%{?dist}
+Version: 0.8.9
+Release: 1%{?dist}
 Summary: IRC Bouncer
 Group: Applications/Internet
 License: GPLv2+
@@ -10,8 +10,6 @@ Source0: https://projects.duckcorp.org/attachments/download/20/bip-%{version}.ta
 Source1: bip.init
 Patch0: 0001-Setup-bip-for-Fedora-s-paths.patch
 Patch1: 0002-Throttle-joins-to-prevent-flooding.patch
-Patch2: 0003-Buffer-Overflow-check-against-the-implicit-size-of-s.patch
-Patch3: 0001-Revert-f19e1f6.-Fix-252.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -42,7 +40,7 @@ mv ChangeLog{.utf8,}
 %build
 %configure --with-openssl
-make CFLAGS="$RPM_OPT_FLAGS -fPIE"
+make CFLAGS="$RPM_OPT_FLAGS -fPIE -Wno-unused-result"
 %install
@@ -93,12 +91,18 @@ fi
 %{_bindir}/bipmkpw
 %{_mandir}/man1/bip.1.gz
 %{_mandir}/man5/bip.conf.5.gz
+%{_mandir}/man1/bipmkpw.1.gz
 %attr(0640,root,bip) %config(noreplace) %{_sysconfdir}/bip.conf
 %{_initrddir}/bip
 %attr(-,bip,bip) %dir %{_localstatedir}/run/bip
 %attr(-,bip,bip) %dir %{_localstatedir}/log/bip
 %changelog
+* Sat Nov 09 2013 Brian C. Lane 0.8.9-1
+- Upstream v0.8.9
+- CVE-2013-4550 - failed SSL handshake resource leak
+- Removed 2 patches included in new version
+
 * Tue May 15 2012 Brian C. Lane 0.8.8-3
 - Change /etc/bip.conf to 0640,root,bip (#815935)
diff --git a/sources b/sources
index 3007abb..8234287 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-261d53ead8a35d08caa7dc0f76566b98 bip-0.8.8.tar.gz
+04158ad020db221ed87cdc03660ef6c9 bip-0.8.9.tar.gz
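Review bot: `-Wno-unused-result` on the `make CFLAGS=` line in the `%build` hunk of bip.spec turns off the warn_unused_result diagnostic for the whole build, so an ignored return value from an I/O call in this network-facing daemon will no longer appear in the build log. Nothing in the spec or the changelog entry says why the flag is needed; presumably 0.8.9 stops building under the distribution flags without it, which should be confirmed. I would record the reason next to the flag, e.g. `# 0.8.9 does not build with -Wunused-result; drop when upstream checks these return values`, and report the unchecked calls upstream rather than carry the suppression indefinitely. Separately, `-fPIE` is passed only through CFLAGS on that line, and whether the link step receives `-pie` is not visible in this hunk.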