csync2: add CVE-2019-15522 fix

Closes: #26308 [via git-merge-pr]
This commit is contained in:
Nathan Owens 2020-11-11 18:23:47 -06:00 committed by Piraty
parent 041c89a41d
commit 0baf47ac2f
No known key found for this signature in database
GPG Key ID: 82F2CC796BD07077
2 changed files with 31 additions and 6 deletions

View File

@ -0,0 +1,21 @@
From 416f1de878ef97e27e27508914f7ba8599a0be22 Mon Sep 17 00:00:00 2001
From: Malte Kraus <malte.kraus@suse.com>
Date: Tue, 13 Aug 2019 11:25:57 +0200
Subject: [PATCH] fail HELLO command when SSL is required
---
daemon.c | 1 +
1 file changed, 1 insertion(+)
diff --git daemon.c daemon.c
index 2d8407d..2a1a8af 100644
--- daemon.c
+++ daemon.c
@@ -747,6 +747,7 @@ void csync_daemon_session()
goto conn_without_ssl_ok;
}
cmd_error = conn_response(CR_ERR_SSL_EXPECTED);
+ peer = NULL;
}
conn_without_ssl_ok:;
#endif

View File

@ -1,15 +1,19 @@
# Template file for 'csync2'
pkgname=csync2
version=2.0
revision=3
revision=4
wrksrc="$pkgname-$pkgname-$version"
build_style=gnu-configure
conf_files="/etc/csync2.cfg"
hostmakedepends="pkg-config"
hostmakedepends="automake bison flex pkg-config"
makedepends="librsync-devel sqlite-devel gnutls-devel"
short_desc="A cluster synchronization tool"
short_desc="Cluster synchronization tool"
maintainer="Diogo Leal <diogo@diogoleal.com>"
license="GPL-3"
license="GPL-2.0-or-later"
homepage="http://oss.linbit.com/csync2/"
distfiles="http://oss.linbit.com/csync2/csync2-${version}.tar.gz"
checksum=11cb37380fb185bce0c22b804fec9b01c385d9d83cc528cfd48d748453834fa2
distfiles="https://github.com/LINBIT/csync2/archive/csync2-$version.tar.gz"
checksum=a1c6b0364eb9f19986a92fccd369bae29aa5aa55300e0664dadaf80d80de23ff
pre_configure() {
autoreconf -fi
}