Accepting request 352396 from home:hsk17:branches:network

update to 3.1.2

OBS-URL: https://build.opensuse.org/request/show/352396
OBS-URL: https://build.opensuse.org/package/show/network/rsync?expand=0&rev=50

rsync-3.1.1.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:7de4364fcf5fe42f3bdb514417f1c40d10bbca896abe7e7f2c581c6ea08a2621
-size 890124

rsync-3.1.1.tar.gz.asc

@@ -1,7 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.11 (GNU/Linux)
-
-iEYEABECAAYFAlOnDrAACgkQbIWfsUuWqMW0kgCg6VKDRxUCliMYEUFNxH2kTx7a
-mCgAoLtqQlvkbhMxNFZdYpgFlNWYGu/9
-=R7rl
------END PGP SIGNATURE-----

rsync-3.1.2.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:ecfa62a7fa3c4c18b9eccd8c16eaddee4bd308a76ea50b5c02a5840f09c0a1c2
+size 892724

rsync-3.1.2.tar.gz.asc

@@ -0,0 +1,7 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1
+
+iEYEABECAAYFAlZ4YFQACgkQbIWfsUuWqMWrGgCfdPrmx+EiWPvI0JB/NWU+srHj
+Tl8AoPFWFY6WaZjqz95w8208rHO5KmKS
+=3xlH
+-----END PGP SIGNATURE-----

rsync-CVE-2014-9512.patch

@@ -1,104 +0,0 @@
-commit 962f8b90045ab331fc04c9e65f80f1a53e68243b
-Author: Wayne Davison <wayned@samba.org>
-Date:   Wed Dec 31 12:41:03 2014 -0800
-
-    Complain if an inc-recursive path is not right for its dir.
-    This ensures that a malicious sender can't use a just-sent
-    symlink as a trasnfer path.
-
-diff --git a/flist.c b/flist.c
-index c24672e..92e4b65 100644
---- a/flist.c
-+++ b/flist.c
-@@ -2435,8 +2435,9 @@ struct file_list *send_file_list(int f, int argc, char *argv[])
- 	return flist;
- }
- 
--struct file_list *recv_file_list(int f)
-+struct file_list *recv_file_list(int f, int dir_ndx)
- {
-+	const char *good_dirname = NULL;
- 	struct file_list *flist;
- 	int dstart, flags;
- 	int64 start_read;
-@@ -2492,6 +2493,23 @@ struct file_list *recv_file_list(int f)
- 		flist_expand(flist, 1);
- 		file = recv_file_entry(f, flist, flags);
- 
-+		if (inc_recurse) {
-+			static const char empty_dir[] = "\0";
-+			const char *cur_dir = file->dirname ? file->dirname : empty_dir;
-+			if (relative_paths && *cur_dir == '/')
-+				cur_dir++;
-+			if (cur_dir != good_dirname) {
-+				const char *d = dir_ndx >= 0 ? f_name(dir_flist->files[dir_ndx], NULL) : empty_dir;
-+				if (strcmp(cur_dir, d) != 0) {
-+					rprintf(FERROR,
-+						"ABORTING due to invalid dir prefix from sender: %s (should be: %s)\n",
-+						cur_dir, d);
-+					exit_cleanup(RERR_PROTOCOL);
-+				}
-+				good_dirname = cur_dir;
-+			}
-+		}
-+
- 		if (S_ISREG(file->mode)) {
- 			/* Already counted */
- 		} else if (S_ISDIR(file->mode)) {
-@@ -2615,7 +2633,7 @@ void recv_additional_file_list(int f)
- 			rprintf(FINFO, "[%s] receiving flist for dir %d\n",
- 				who_am_i(), ndx);
- 		}
--		flist = recv_file_list(f);
-+		flist = recv_file_list(f, ndx);
- 		flist->parent_ndx = ndx;
- 	}
- }
-diff --git a/io.c b/io.c
-index b9a9bd0..a868fa9 100644
---- a/io.c
-+++ b/io.c
-@@ -1685,7 +1685,7 @@ void wait_for_receiver(void)
- 				rprintf(FINFO, "[%s] receiving flist for dir %d\n",
- 					who_am_i(), ndx);
- 			}
--			flist = recv_file_list(iobuf.in_fd);
-+			flist = recv_file_list(iobuf.in_fd, ndx);
- 			flist->parent_ndx = ndx;
- #ifdef SUPPORT_HARD_LINKS
- 			if (preserve_hard_links)
-diff --git a/main.c b/main.c
-index e7a13f7..713b818 100644
---- a/main.c
-+++ b/main.c
-@@ -1009,7 +1009,7 @@ static void do_server_recv(int f_in, int f_out, int argc, char *argv[])
- 		filesfrom_fd = -1;
- 	}
- 
--	flist = recv_file_list(f_in);
-+	flist = recv_file_list(f_in, -1);
- 	if (!flist) {
- 		rprintf(FERROR,"server_recv: recv_file_list error\n");
- 		exit_cleanup(RERR_FILESELECT);
-@@ -1183,7 +1183,7 @@ int client_run(int f_in, int f_out, pid_t pid, int argc, char *argv[])
- 
- 	if (write_batch && !am_server)
- 		start_write_batch(f_in);
--	flist = recv_file_list(f_in);
-+	flist = recv_file_list(f_in, -1);
- 	if (inc_recurse && file_total == 1)
- 		recv_additional_file_list(f_in);
- 
-diff --git a/rsync.c b/rsync.c
-index 68ff6b1..c3ecc51 100644
---- a/rsync.c
-+++ b/rsync.c
-@@ -364,7 +364,7 @@ int read_ndx_and_attrs(int f_in, int f_out, int *iflag_ptr, uchar *type_ptr,
- 		}
- 		/* Send all the data we read for this flist to the generator. */
- 		start_flist_forward(ndx);
--		flist = recv_file_list(f_in);
-+		flist = recv_file_list(f_in, ndx);
- 		flist->parent_ndx = ndx;
- 		stop_flist_forward();
- 	}

rsync-equivalent_of_CVE-2014-8242.patch

@@ -1,95 +0,0 @@
-From eac858085e3ac94ec0ab5061d11f52652c90a869 Mon Sep 17 00:00:00 2001
-From: Wayne Davison <wayned@samba.org>
-Date: Mon, 11 May 2015 12:36:20 -0700
-Subject: [PATCH] Add compat flag to allow proper seed checksum order. Fixes
- the equivalent of librsync's CVE-2014-8242 issue.
-
----
- checksum.c | 17 +++++++++++++----
- compat.c   |  5 +++++
- options.c  |  1 +
- 3 files changed, 19 insertions(+), 4 deletions(-)
-
-Index: rsync-3.1.1/checksum.c
-===================================================================
---- rsync-3.1.1.orig/checksum.c	2015-10-06 11:18:33.293065513 +0200
-+++ rsync-3.1.1/checksum.c	2015-10-06 11:18:34.382078657 +0200
-@@ -23,6 +23,7 @@
- 
- extern int checksum_seed;
- extern int protocol_version;
-+extern int proper_seed_order;
- 
- /*
-   a simple 32 bit checksum that can be upadted from either end
-@@ -54,10 +55,18 @@ void get_checksum2(char *buf, int32 len,
- 	if (protocol_version >= 30) {
- 		uchar seedbuf[4];
- 		md5_begin(&m);
--		md5_update(&m, (uchar *)buf, len);
--		if (checksum_seed) {
--			SIVALu(seedbuf, 0, checksum_seed);
--			md5_update(&m, seedbuf, 4);
-+		if (proper_seed_order) {
-+			if (checksum_seed) {
-+				SIVALu(seedbuf, 0, checksum_seed);
-+				md5_update(&m, seedbuf, 4);
-+			}
-+			md5_update(&m, (uchar *)buf, len);
-+		} else {
-+			md5_update(&m, (uchar *)buf, len);
-+			if (checksum_seed) {
-+				SIVALu(seedbuf, 0, checksum_seed);
-+				md5_update(&m, seedbuf, 4);
-+			}
- 		}
- 		md5_result(&m, (uchar *)sum);
- 	} else {
-Index: rsync-3.1.1/compat.c
-===================================================================
---- rsync-3.1.1.orig/compat.c	2015-10-06 11:18:33.293065513 +0200
-+++ rsync-3.1.1/compat.c	2015-10-06 11:18:34.383078669 +0200
-@@ -27,6 +27,7 @@ int inc_recurse = 0;
- int compat_flags = 0;
- int use_safe_inc_flist = 0;
- int want_xattr_optim = 0;
-+int proper_seed_order = 0;
- 
- extern int am_server;
- extern int am_sender;
-@@ -78,6 +79,7 @@ int filesfrom_convert = 0;
- #define CF_SYMLINK_ICONV (1<<2)
- #define CF_SAFE_FLIST	 (1<<3)
- #define CF_AVOID_XATTR_OPTIM (1<<4)
-+#define CF_CHKSUM_SEED_FIX (1<<5)
- 
- static const char *client_info;
- 
-@@ -257,12 +259,15 @@ void setup_protocol(int f_out,int f_in)
- 				compat_flags |= CF_SAFE_FLIST;
- 			if (local_server || strchr(client_info, 'x') != NULL)
- 				compat_flags |= CF_AVOID_XATTR_OPTIM;
-+			if (local_server || strchr(client_info, 'C') != NULL)
-+				compat_flags |= CF_CHKSUM_SEED_FIX;
- 			write_byte(f_out, compat_flags);
- 		} else
- 			compat_flags = read_byte(f_in);
- 		/* The inc_recurse var MUST be set to 0 or 1. */
- 		inc_recurse = compat_flags & CF_INC_RECURSE ? 1 : 0;
- 		want_xattr_optim = protocol_version >= 31 && !(compat_flags & CF_AVOID_XATTR_OPTIM);
-+		proper_seed_order = compat_flags & CF_CHKSUM_SEED_FIX ? 1 : 0;
- 		if (am_sender) {
- 			receiver_symlink_times = am_server
- 			    ? strchr(client_info, 'L') != NULL
-Index: rsync-3.1.1/options.c
-===================================================================
---- rsync-3.1.1.orig/options.c	2015-10-06 11:18:34.383078669 +0200
-+++ rsync-3.1.1/options.c	2015-10-06 11:19:37.630842114 +0200
-@@ -2505,6 +2505,7 @@ void server_options(char **args, int *ar
- #endif
- 		argstr[x++] = 'f'; /* flist I/O-error safety support */
- 		argstr[x++] = 'x'; /* xattr hardlink optimization not desired */
-+		argstr[x++] = 'C'; /* support checksum seed order fix */
- 	}
- 
- 	if (x >= (int)sizeof argstr) { /* Not possible... */

rsync-no-libattr.patch

@@ -1,7 +1,7 @@
 --- rsync-3.1.1.orig/configure.ac
 +++ rsync-3.1.1/configure.ac
-@@ -1082,7 +1082,7 @@ else
- 	AC_DEFINE(HAVE_LINUX_XATTRS, 1, [True if you have Linux xattrs])
+@@ -1050,7 +1050,7 @@ else
+ 	AC_DEFINE(HAVE_LINUX_XATTRS, 1, [True if you have Linux xattrs (or equivalent)])
  	AC_DEFINE(SUPPORT_XATTRS, 1)
  	AC_DEFINE(NO_SYMLINK_USER_XATTRS, 1, [True if symlinks do not support user xattrs])
 -	AC_CHECK_LIB(attr,getxattr)

rsync-patches-3.1.1.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:547ea4a37eb497050b37bda029dee4927436781e7b0e4eb207c2fad54d4a3246
-size 167954

rsync-patches-3.1.1.tar.gz.asc

@@ -1,7 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.11 (GNU/Linux)
-
-iEYEABECAAYFAlOnDrAACgkQbIWfsUuWqMUt9gCg2WI1tL9DZVyeWiG15jAKjC7U
-3q0AoJq9N/4dRiOBzXVnKFj5e1XAH1hH
-=Fk/v
------END PGP SIGNATURE-----

rsync-patches-3.1.2.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:edeebe9f2532ae291ce43fb86c9d7aaf80ba4edfdad25dce6d42dc33286b2326
+size 174333

rsync-patches-3.1.2.tar.gz.asc

@@ -0,0 +1,7 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1
+
+iEYEABECAAYFAlZ4YFQACgkQbIWfsUuWqMVZzQCgvpWP/NwCL5pg6w0pjefTcZVC
+5SQAn15F46MsD/aR6jYWQLCDQVCZJeXp
+=fxKd
+-----END PGP SIGNATURE-----

rsync.changes

@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Wed Jan  6 10:26:26 UTC 2016 - hsk@imb-jena.de
+
+- update to 3.1.2
+- drop patches rsync-CVE-2014-9512.patch,
+  rsync-equivalent_of_CVE-2014-8242.patch (applied upstream)
+
 -------------------------------------------------------------------
 Wed Oct  7 12:26:26 UTC 2015 - vcizek@suse.com
 

rsync.spec

@@ -22,7 +22,7 @@
 %endif
 
 Name:           rsync
-Version:        3.1.1
+Version:        3.1.2
 Release:        0
 Summary:        Versatile tool for fast incremental file transfer
 License:        GPL-3.0+
@@ -42,12 +42,11 @@ Source10:       http://rsync.samba.org/ftp/rsync/src/rsync-%{version}.tar.gz.asc
 Source11:       http://rsync.samba.org/ftp/rsync/src/rsync-patches-%{version}.tar.gz.asc
 Source12:       %{name}.keyring
 Patch3:         system-zlib.diff
-Patch4:         rsync-CVE-2014-9512.patch
 Patch5:         rsync-no-libattr.patch
 #PATCH-FIX-SUSE boo#922710 slp
 Patch6:         rsync-add_back_use_slp_directive.patch
-Patch7:         rsync-equivalent_of_CVE-2014-8242.patch
 BuildRequires:  autoconf
+BuildRequires:  automake
 BuildRequires:  libacl-devel
 BuildRequires:  openslp-devel
 BuildRequires:  popt-devel
@@ -84,12 +83,10 @@ for backups and mirroring and as an improved copy command for everyday use.
 rm -f zlib/*.h
 %patch3
 %endif
-%patch4 -p1
 patch -p1 < patches/acls.diff
 patch -p1 < patches/xattrs.diff
 patch -p1 < patches/slp.diff
 %patch6 -p1
-%patch7 -p1
 # fate#312479
 patch -p1 < patches/time-limit.diff
 %patch5 -p1