From 9870342977158c8d58cdce5d85f39e28544dd88d Mon Sep 17 00:00:00 2001
From: MSVSphere Packaging Team
Date: Fri, 22 Sep 2023 18:24:11 +0300
Subject: [PATCH] import librabbitmq-0.11.0-7.el9
---
.gitignore | 1 +
.librabbitmq.metadata | 1 +
SOURCES/rabbitmq-c-CVE-2023-35789.patch | 125 ++++++++++
SOURCES/rabbitmq-c-static.patch | 41 ++++
SOURCES/rabbitmq-c-version.patch | 25 ++
SPECS/librabbitmq.spec | 307 ++++++++++++++++++++++++
6 files changed, 500 insertions(+)
create mode 100644 .gitignore
create mode 100644 .librabbitmq.metadata
create mode 100644 SOURCES/rabbitmq-c-CVE-2023-35789.patch
create mode 100644 SOURCES/rabbitmq-c-static.patch
create mode 100644 SOURCES/rabbitmq-c-version.patch
create mode 100644 SPECS/librabbitmq.spec
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..c3330a3
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/rabbitmq-c-0.11.0-a64c08c.tar.gz
diff --git a/.librabbitmq.metadata b/.librabbitmq.metadata
new file mode 100644
index 0000000..93028c6
--- /dev/null
+++ b/.librabbitmq.metadata
@@ -0,0 +1 @@
+e7821abf0fac22b7e6505f01943e64b16d9de2ab SOURCES/rabbitmq-c-0.11.0-a64c08c.tar.gz
diff --git a/SOURCES/rabbitmq-c-CVE-2023-35789.patch b/SOURCES/rabbitmq-c-CVE-2023-35789.patch
new file mode 100644
index 0000000..71f8ba9
--- /dev/null
+++ b/SOURCES/rabbitmq-c-CVE-2023-35789.patch
@@ -0,0 +1,125 @@
+commit 463054383fbeef889b409a7f843df5365288e2a0
+Author: Christian Kastner
+Date: Tue Jun 13 14:21:52 2023 +0200
+
+ Add option to read username/password from file (#781)
+
+ * Add option to read username/password from file
+
+diff --git a/tools/common.c b/tools/common.c
+index 73b47e2..7efe557 100644
+--- a/tools/common.c
++++ b/tools/common.c
+@@ -18,6 +18,11 @@
+ #include "compat.h"
+ #endif
+
++/* For when reading auth data from a file */
++#define MAXAUTHTOKENLEN 128
++#define USERNAMEPREFIX "username:"
++#define PASSWORDPREFIX "password:"
++
+ void die(const char *fmt, ...) {
+ va_list ap;
+ va_start(ap, fmt);
+@@ -125,6 +130,7 @@ static char *amqp_vhost;
+ static char *amqp_username;
+ static char *amqp_password;
+ static int amqp_heartbeat = 0;
++static char *amqp_authfile;
+ #ifdef WITH_SSL
+ static int amqp_ssl = 0;
+ static char *amqp_cacert = "/etc/ssl/certs/cacert.pem";
+@@ -147,6 +153,8 @@ struct poptOption connect_options[] = {
+ "the password to login with", "password"},
+ {"heartbeat", 0, POPT_ARG_INT, &amqp_heartbeat, 0,
+ "heartbeat interval, set to 0 to disable", "heartbeat"},
++ {"authfile", 0, POPT_ARG_STRING, &amqp_authfile, 0,
++ "path to file containing username/password for authentication", "file"},
+ #ifdef WITH_SSL
+ {"ssl", 0, POPT_ARG_NONE, &amqp_ssl, 0, "connect over SSL/TLS", NULL},
+ {"cacert", 0, POPT_ARG_STRING, &amqp_cacert, 0,
+@@ -158,6 +166,50 @@ struct poptOption connect_options[] = {
+ #endif /* WITH_SSL */
+ {NULL, '\0', 0, NULL, 0, NULL, NULL}};
+
++void read_authfile(const char *path) {
++ size_t n;
++ FILE *fp = NULL;
++ char token[MAXAUTHTOKENLEN];
++
++ if ((amqp_username = malloc(MAXAUTHTOKENLEN)) == NULL ||
++ (amqp_password = malloc(MAXAUTHTOKENLEN)) == NULL) {
++ die("Out of memory");
++ } else if ((fp = fopen(path, "r")) == NULL) {
++ die("Could not read auth data file %s", path);
++ }
++
++ if (fgets(token, MAXAUTHTOKENLEN, fp) == NULL ||
++ strncmp(token, USERNAMEPREFIX, strlen(USERNAMEPREFIX))) {
++ die("Malformed auth file (missing username)");
++ }
++ strncpy(amqp_username, &token[strlen(USERNAMEPREFIX)], MAXAUTHTOKENLEN);
++ /* Missing newline means token was cut off */
++ n = strlen(amqp_username);
++ if (amqp_username[n - 1] != '\n') {
++ die("Username too long");
++ } else {
++ amqp_username[n - 1] = '\0';
++ }
++
++ if (fgets(token, MAXAUTHTOKENLEN, fp) == NULL ||
++ strncmp(token, PASSWORDPREFIX, strlen(PASSWORDPREFIX))) {
++ die("Malformed auth file (missing password)");
++ }
++ strncpy(amqp_password, &token[strlen(PASSWORDPREFIX)], MAXAUTHTOKENLEN);
++ /* Missing newline means token was cut off */
++ n = strlen(amqp_password);
++ if (amqp_password[n - 1] != '\n') {
++ die("Password too long");
++ } else {
++ amqp_password[n - 1] = '\0';
++ }
++
++ (void)fgetc(fp);
++ if (!feof(fp)) {
++ die("Malformed auth file (trailing data)");
++ }
++}
++
+ static void init_connection_info(struct amqp_connection_info *ci) {
+ ci->user = NULL;
+ ci->password = NULL;
+@@ -237,6 +289,8 @@ static void init_connection_info(struct amqp_connection_info *ci) {
+ if (amqp_username) {
+ if (amqp_url) {
+ die("--username and --url options cannot be used at the same time");
++ } else if (amqp_authfile) {
++ die("--username and --authfile options cannot be used at the same time");
+ }
+
+ ci->user = amqp_username;
+@@ -245,11 +299,23 @@ static void init_connection_info(struct amqp_connection_info *ci) {
+ if (amqp_password) {
+ if (amqp_url) {
+ die("--password and --url options cannot be used at the same time");
++ } else if (amqp_authfile) {
++ die("--password and --authfile options cannot be used at the same time");
+ }
+
+ ci->password = amqp_password;
+ }
+
++ if (amqp_authfile) {
++ if (amqp_url) {
++ die("--authfile and --url options cannot be used at the same time");
++ }
++
++ read_authfile(amqp_authfile);
++ ci->user = amqp_username;
++ ci->password = amqp_password;
++ }
++
+ if (amqp_vhost) {
+ if (amqp_url) {
+ die("--vhost and --url options cannot be used at the same time");
diff --git a/SOURCES/rabbitmq-c-static.patch b/SOURCES/rabbitmq-c-static.patch
new file mode 100644
index 0000000..0315347
--- /dev/null
+++ b/SOURCES/rabbitmq-c-static.patch
@@ -0,0 +1,41 @@
+From a8c05cb16afbf852fc584f2c2d31d2f7f0e3a48d Mon Sep 17 00:00:00 2001
+From: Remi Collet
+Date: Thu, 1 Apr 2021 11:21:36 +0200
+Subject: [PATCH] add option to install or not the static library
+
+---
+ CMakeLists.txt | 1 +
+ librabbitmq/CMakeLists.txt | 8 +++++---
+ 2 files changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index a9a29fdd..a7cf8f2c 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -245,6 +245,7 @@ endif()
+
+ option(BUILD_SHARED_LIBS "Build rabbitmq-c as a shared library" ON)
+ option(BUILD_STATIC_LIBS "Build rabbitmq-c as a static library" ON)
++option(INSTALL_STATIC_LIBS "Install rabbitmq-c static library" ON)
+
+ option(BUILD_EXAMPLES "Build Examples" ON)
+ option(BUILD_TOOLS "Build Tools (requires POPT Library)" ${POPT_FOUND})
+diff --git a/librabbitmq/CMakeLists.txt b/librabbitmq/CMakeLists.txt
+index d8dcd262..72b4a875 100644
+--- a/librabbitmq/CMakeLists.txt
++++ b/librabbitmq/CMakeLists.txt
+@@ -154,9 +154,11 @@ if (BUILD_STATIC_LIBS)
+ set_target_properties(rabbitmq-static PROPERTIES VERSION ${RMQ_VERSION} SOVERSION ${RMQ_SOVERSION} OUTPUT_NAME rabbitmq)
+ endif (WIN32)
+
+- install(TARGETS rabbitmq-static EXPORT "${targets_export_name}"
+- ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}
+- )
++ if (INSTALL_STATIC_LIBS)
++ install(TARGETS rabbitmq-static EXPORT "${targets_export_name}"
++ ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}
++ )
++ endif (INSTALL_STATIC_LIBS)
+
+ if (NOT DEFINED RMQ_LIBRARY_TARGET)
+ set(RMQ_LIBRARY_TARGET rabbitmq-static)
diff --git a/SOURCES/rabbitmq-c-version.patch b/SOURCES/rabbitmq-c-version.patch
new file mode 100644
index 0000000..9826170
--- /dev/null
+++ b/SOURCES/rabbitmq-c-version.patch
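Review bot: In `read_authfile`, `amqp_username[n - 1]` and `amqp_password[n - 1]` are indexed without checking `n`, so a line that holds only the prefix and no newline (for example a file that ends right after `username:`) leaves `n == 0` and the `size_t` index wraps, reading outside the heap buffer. Both checks should guard the empty case, e.g. `if (n == 0 || amqp_username[n - 1] != '\n') {` and the same for `amqp_password`. A password line that is the last line of the file without a trailing newline is also rejected as "Password too long", which is a misleading message for a well-formed credential. `fp` is never closed on the success path; an `fclose(fp);` before the closing brace would fix that.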
@@ -0,0 +1,25 @@
+From 2a9ae303f7fa7bc115ecb827c1c3c7c9f84558dd Mon Sep 17 00:00:00 2001
+From: Remi Collet
+Date: Thu, 1 Apr 2021 14:48:25 +0200
+Subject: [PATCH] Fix #666 bad PACKAGE_VERSION
+
+---
+ CMakeLists.txt | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index a9a29fd..74364cf 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -322,7 +322,7 @@ set(version_config "${CMAKE_CURRENT_BINARY_DIR}/rabbitmq-c-config-version.cmake"
+
+ write_basic_package_version_file(
+ "${version_config}"
+- VERSION ${RMQ_VERSION}
++ VERSION ${VERSION}
+ COMPATIBILITY AnyNewerVersion)
+
+ configure_package_config_file(
+--
+2.30.2
+
diff --git a/SPECS/librabbitmq.spec b/SPECS/librabbitmq.spec
new file mode 100644
index 0000000..a0b3456
--- /dev/null
+++ b/SPECS/librabbitmq.spec
@@ -0,0 +1,307 @@
+# Fedora spec file for librabbitmq
+#
+# Copyright (c) 2012-2021 Remi Collet
+# License: CC-BY-SA
+# http://creativecommons.org/licenses/by-sa/4.0/
+#
+# Please, preserve the changelog entries
+#
+
+%bcond_without tests
+
+%global gh_commit a64c08c68aff34d49a2ac152f04988cd921084f9
+%global gh_short %(c=%{gh_commit}; echo ${c:0:7})
+%global gh_owner alanxz
+%global gh_project rabbitmq-c
+%global libname librabbitmq
+%global soname 4
+
+Name: %{libname}
+Summary: Client library for AMQP
+Version: 0.11.0
+Release: 7%{?dist}
+License: MIT
+URL: https://github.com/alanxz/rabbitmq-c
+
+Source0: https://github.com/%{gh_owner}/%{gh_project}/archive/%{gh_commit}/%{gh_project}-%{version}-%{gh_short}.tar.gz
+
+# don't install static library
+Patch0: %{gh_project}-static.patch
+# fix version for cmake module
+Patch1: %{gh_project}-version.patch
+# CVE-2023-35789
+Patch2: rabbitmq-c-CVE-2023-35789.patch
+
+BuildRequires: gcc
+BuildRequires: cmake > 2.8
+BuildRequires: openssl-devel
+# For tools
+BuildRequires: popt-devel > 1.14
+# For man page
+BuildRequires: xmlto
+BuildRequires: make
+
+
+%description
+This is a C-language AMQP client library for use with AMQP servers
+speaking protocol versions 0-9-1.
+
+
+%package devel
+Summary: Header files and development libraries for %{name}
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description devel
+This package contains the header files and development libraries
+for %{name}.
+
+
+%package tools
+Summary: Example tools built using the librabbitmq package
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description tools
+This package contains example tools built using %{name}.
+
+It provides:
+amqp-consume Consume messages from a queue on an AMQP server
+amqp-declare-queue Declare a queue on an AMQP server
+amqp-delete-queue Delete a queue from an AMQP server
+amqp-get Get a message from a queue on an AMQP server
+amqp-publish Publish a message on an AMQP server
+
+
+%prep
+%setup -q -n %{gh_project}-%{gh_commit}
+%patch -P0 -p1
+%patch -P1 -p1
+%patch -P2 -p1
+
+# Copy sources to be included in -devel docs.
+cp -pr examples Examples
+
+# This test requires a running server
+sed -e '/test_basic/d' -i tests/CMakeLists.txt
+
+
+%build
+# static lib required for tests
+%cmake \
+ -DBUILD_TOOLS_DOCS:BOOL=ON \
+%if %{with tests}
+ -DINSTALL_STATIC_LIBS:BOOL=OFF \
+%else
+ -DBUILD_TESTS:BOOL=OFF \
+ -DBUILD_STATIC_LIBS:BOOL=OFF \
+%endif
+ -S .
+
+%if 0%{?cmake_build:1}
+%cmake_build
+%else
+make %{_smp_mflags}
+%endif
+
+
+%install
+%if 0%{?cmake_install:1}
+%cmake_install
+%else
+make install DESTDIR="%{buildroot}"
+%endif
+
+
+%check
+: check .pc is usable
+grep @ %{buildroot}%{_libdir}/pkgconfig/librabbitmq.pc && exit 1
+: check cmake files are usable
+grep static %{buildroot}%{_libdir}/cmake/rabbitmq-c/*.cmake && exit 1
+
+%if %{with tests}
+: upstream tests
+%if 0%{?ctest:1}
+%ctest
+%else
+make test
+%endif
+%else
+: Tests disabled
+%endif
+
+
+%files
+%license LICENSE-MIT
+%{_libdir}/%{libname}.so.%{soname}*
+
+
+%files devel
+%doc AUTHORS THANKS TODO *.md
+%doc Examples
+%{_libdir}/%{libname}.so
+%{_includedir}/amqp*
+%{_libdir}/pkgconfig/%{libname}.pc
+%{_libdir}/cmake/rabbitmq-c
+
+%files tools
+%{_bindir}/amqp-*
+%doc %{_mandir}/man1/amqp-*.1*
+%doc %{_mandir}/man7/librabbitmq-tools.7*
+
+
+%changelog
+* Fri Jun 23 2023 Than Ngo - 0.11.0-7
+- add missing gating.yaml
+- fix rpminspect issue
+Related: #2215766
+
+* Fri Jun 23 2023 Than Ngo - 0.11.0-6
+- Resolves: #2215766, insecure credentials submission
+
+* Mon Aug 09 2021 Mohan Boddu - 0.11.0-5
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+ Related: rhbz#1991688
+
+* Wed Jun 16 2021 Mohan Boddu - 0.11.0-4
+- Rebuilt for RHEL 9 BETA for openssl 3.0
+ Related: rhbz#1971065
+
+* Fri Apr 16 2021 Mohan Boddu - 0.11.0-3
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+
+* Thu Apr 1 2021 Remi Collet - 0.11.0-2
+- add patch to fix version in cmake file from
+ https://github.com/alanxz/rabbitmq-c/pull/667
+
+* Thu Apr 1 2021 Remi Collet - 0.11.0-1
+- update to 0.11.0
+- add patch to not install the static library, from
+ https://github.com/alanxz/rabbitmq-c/pull/665
+
+* Tue Jan 26 2021 Fedora Release Engineering - 0.10.0-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Thu Aug 13 2020 Remi Collet - 0.10.0-3
+- fix cmake macros usage, FTBFS #1863670
+
+* Wed Jan 29 2020 Fedora Release Engineering - 0.10.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Mon Dec 2 2019 Remi Collet - 0.10.0-1
+- update to 0.10.0
+
+* Thu Jul 25 2019 Fedora Release Engineering - 0.9.0-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Mon Feb 4 2019 Remi Collet - 0.9.0-3
+- fix cmake invocation and FTBFS
+
+* Fri Feb 01 2019 Fedora Release Engineering - 0.9.0-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Fri Jul 13 2018 Fedora Release Engineering - 0.9.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Tue May 15 2018 Remi Collet - 0.9.0-1
+- update to 0.9.0
+
+* Tue Feb 20 2018 Remi Collet - 0.8.0-7
+- missing BR on C compiler
+
+* Thu Feb 15 2018 Remi Collet - 0.8.0-6
+- drop ldconfig scriptlets
+
+* Wed Feb 07 2018 Fedora Release Engineering - 0.8.0-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Thu Aug 03 2017 Fedora Release Engineering - 0.8.0-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Wed Jul 26 2017 Fedora Release Engineering - 0.8.0-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Fri Feb 10 2017 Fedora Release Engineering - 0.8.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Tue Apr 12 2016 Remi Collet - 0.8.0-1
+- update to 0.8.0
+
+* Thu Feb 04 2016 Fedora Release Engineering - 0.7.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Tue Oct 13 2015 Remi Collet - 0.7.1-1
+- update to 0.7.1
+
+* Fri Jul 3 2015 Remi Collet - 0.7.0-1
+- update to 0.7.0
+- swicth to cmake
+- switch from upstream tarball to github sources
+
+* Wed Jun 17 2015 Fedora Release Engineering - 0.6.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Mon Apr 20 2015 Remi Collet - 0.6.0-1
+- update to 0.6.0
+- soname changed to .4
+
+* Mon Sep 15 2014 Remi Collet - 0.5.2-1
+- update to 0.5.2
+
+* Sun Aug 17 2014 Fedora Release Engineering - 0.5.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Wed Aug 13 2014 Remi Collet - 0.5.1-1
+- update to 0.5.1
+- fix license handling
+- move all documentation in devel subpackage
+
+* Sat Jun 07 2014 Fedora Release Engineering - 0.5.0-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Tue Apr 15 2014 Remi Collet - 0.5.0-2
+- upstream patch for missing function
+
+* Mon Feb 17 2014 Remi Collet - 0.5.0-1
+- update to 0.5.0
+- open https://github.com/alanxz/rabbitmq-c/issues/169 (version is 0.5.1-pre)
+- open https://github.com/alanxz/rabbitmq-c/issues/170 (amqp_get_server_properties)
+
+* Mon Jan 13 2014 Remi Collet - 0.4.1-4
+- drop BR python-simplejson
+
+* Tue Jan 7 2014 Remi Collet - 0.4.1-3
+- fix broken librabbitmq.pc, #1039555
+- add check for usable librabbitmq.pc
+
+* Thu Jan 2 2014 Remi Collet - 0.4.1-2
+- fix Source0 URL
+
+* Sat Sep 28 2013 Remi Collet - 0.4.1-1
+- update to 0.4.1
+- add ssl support
+
+* Thu Aug 1 2013 Remi Collet - 0.3.0-3
+- cleanups
+
+* Wed Mar 13 2013 Remi Collet - 0.3.0-2
+- remove tools from main package
+
+* Wed Mar 13 2013 Remi Collet - 0.3.0-1
+- update to 0.3.0
+- create sub-package for tools
+
+* Thu Feb 14 2013 Fedora Release Engineering - 0.2-0.2.git2059570
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Wed Aug 01 2012 Remi Collet - 0.2-0.1.git2059570
+- update to latest snapshot (version 0.2, moved to github)
+- License is now MIT
+
+* Thu Jul 19 2012 Fedora Release Engineering - 0.1-0.3.hgfb6fca832fd2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Sun Mar 11 2012 Remi Collet - 0.1-0.2.hgfb6fca832fd2
+- add %%check (per review comment)
+
+* Sat Mar 10 2012 Remi Collet - 0.1-0.1.hgfb6fca832fd2
+- Initial RPM
+
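Review bot: The `# CVE-2023-35789` comment above `Patch2` does not record that the fix is opt-in: the bundled patch adds `--authfile`, and in the hunks shown `--username` and `--password` are still accepted on the command line. I would expand it to something like `# CVE-2023-35789: adds --authfile so credentials can be read from a file; --password on the command line is still accepted`, so a later maintainer does not read the patch as removing the exposure. The patch as included touches only tools/common.c, so the man pages built with `-DBUILD_TOOLS_DOCS:BOOL=ON` presumably do not describe the new option; that is worth confirming before users are pointed at it.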