From 33e5ba4a444909ae809974207d7217179f1a4179 Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Fri, 25 Oct 2024 19:07:00 +0300 Subject: [PATCH] import rest-0.9.1-10.el10 --- .gitignore | 1 + .rest.metadata | 1 + ...oxy_call_sync-bail-out-if-no-payload.patch | 40 +++ ...ntial-problems-in-parsing-oauth2-acc.patch | 52 ++++ SPECS/rest.spec | 289 ++++++++++++++++++ 5 files changed, 383 insertions(+) create mode 100644 .gitignore create mode 100644 .rest.metadata create mode 100644 SOURCES/0001-rest_proxy_call_sync-bail-out-if-no-payload.patch create mode 100644 SOURCES/0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch create mode 100644 SPECS/rest.spec diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..9f7fdcb --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/rest-0.9.1.tar.xz diff --git a/.rest.metadata b/.rest.metadata new file mode 100644 index 0000000..cb98c16 --- /dev/null +++ b/.rest.metadata @@ -0,0 +1 @@ +0f7d2d43d43af4f7b181153aaefdf803afbfd82b SOURCES/rest-0.9.1.tar.xz diff --git a/SOURCES/0001-rest_proxy_call_sync-bail-out-if-no-payload.patch b/SOURCES/0001-rest_proxy_call_sync-bail-out-if-no-payload.patch new file mode 100644 index 0000000..14e41ba --- /dev/null +++ b/SOURCES/0001-rest_proxy_call_sync-bail-out-if-no-payload.patch @@ -0,0 +1,40 @@ +From fbad64abe28a96f591a30e3a5d3189c10172a414 Mon Sep 17 00:00:00 2001 +From: Adam Williamson +Date: Tue, 30 Aug 2022 10:03:57 -0700 +Subject: [PATCH 1/2] rest_proxy_call_sync: bail out if no payload + +goa-daemon is crashing on suspend/resume with a traceback that +points here: it calls rest_proxy_call_sync, that calls +_rest_proxy_send_message, assumes it gets a `payload` back, +and calls `finish_call` with it. However, it's not actually +guaranteed that `_rest_proxy_send_message` will return a payload +(a `GBytes`). There are three ways it can return `NULL` instead: +if it's passed a wrong proxy or message, or - when built against +libsoup3 - if there is an error sending the message (it passes +through the return value of `soup_session_send_and_read`, and +that's documented to be `NULL` on error). + +If `payload` comes back `NULL`, let's just return `FALSE`, like +we do if there's a problem with the call or message. + +Signed-off-by: Adam Williamson +--- + rest/rest-proxy-call.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/rest/rest-proxy-call.c b/rest/rest-proxy-call.c +index 851b397..07b8b49 100644 +--- a/rest/rest-proxy-call.c ++++ b/rest/rest-proxy-call.c +@@ -1428,6 +1428,8 @@ rest_proxy_call_sync (RestProxyCall *call, + return FALSE; + + payload = _rest_proxy_send_message (priv->proxy, message, priv->cancellable, error_out); ++ if (!payload) ++ return FALSE; + + ret = finish_call (call, message, payload, error_out); + +-- +2.37.1 + diff --git a/SOURCES/0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch b/SOURCES/0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch new file mode 100644 index 0000000..f437c7d --- /dev/null +++ b/SOURCES/0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch @@ -0,0 +1,52 @@ +From 49c2d0ac00b959ce53cc00ca4e7758c21085722f Mon Sep 17 00:00:00 2001 +From: Adam Williamson +Date: Tue, 30 Aug 2022 10:59:01 -0700 +Subject: [PATCH 2/2] Handle some potential problems in parsing oauth2 access + tokens + +It's possible for `_rest_proxy_send_message` to return `NULL`, +which would mean the `payload` here would be `NULL`. If so, +we're not going to be able to do anything, so we should just +bail out. + +It's also possible for `json_parser_load_from_data` to return +`FALSE` without setting an error. The most obvious way would be +if `data` was `NULL`, which the bailout avoids, but it could +also happen if we pass an invalid parser somehow. Let's just +handle that too, to be safe. + +Signed-off-by: Adam Williamson +--- + rest/rest-oauth2-proxy.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/rest/rest-oauth2-proxy.c b/rest/rest-oauth2-proxy.c +index 9511f97..a715b2b 100644 +--- a/rest/rest-oauth2-proxy.c ++++ b/rest/rest-oauth2-proxy.c +@@ -68,18 +68,21 @@ rest_oauth2_proxy_parse_access_token (RestOAuth2Proxy *self, + gsize size; + gint expires_in; + gint created_at; ++ gboolean ret; + + g_return_if_fail (REST_IS_OAUTH2_PROXY (self)); ++ g_return_if_fail (payload); + + data = g_bytes_get_data (payload, &size); + + parser = json_parser_new (); +- json_parser_load_from_data (parser, data, size, &error); ++ ret = json_parser_load_from_data (parser, data, size, &error); + if (error != NULL) + { + g_task_return_error (task, error); + return; + } ++ g_return_if_fail (ret); + + root = json_parser_get_root (parser); + root_object = json_node_get_object (root); +-- +2.37.1 + diff --git a/SPECS/rest.spec b/SPECS/rest.spec new file mode 100644 index 0000000..9c19c83 --- /dev/null +++ b/SPECS/rest.spec @@ -0,0 +1,289 @@ +Name: rest +Version: 0.9.1 +Release: 10%{?dist} +Summary: A library for access to RESTful web services + +License: LGPL-2.1-only +URL: https://gitlab.gnome.org/GNOME/librest +Source0: https://download.gnome.org/sources/%{name}/0.9/%{name}-%{version}.tar.xz + +# Fix some crash paths exposed by the libsoup3 port, including a +# crash on suspend/resume with Google accounts: +# https://gitlab.gnome.org/GNOME/librest/-/merge_requests/30 +Patch0: 0001-rest_proxy_call_sync-bail-out-if-no-payload.patch +Patch1: 0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch + +BuildRequires: meson +BuildRequires: pkgconfig(glib-2.0) +BuildRequires: pkgconfig(gio-2.0) +BuildRequires: pkgconfig(gobject-introspection-1.0) +BuildRequires: pkgconfig(libsoup-3.0) +BuildRequires: pkgconfig(libxml-2.0) +BuildRequires: pkgconfig(json-glib-1.0) +BuildRequires: pkgconfig(libadwaita-1) +BuildRequires: pkgconfig(gtksourceview-5) +BuildRequires: pkgconfig(gi-docgen) + +%description +This library was designed to make it easier to access web services that +claim to be "RESTful". A RESTful service should have urls that represent +remote objects, which methods can then be called on. The majority of services +don't actually adhere to this strict definition. Instead, their RESTful end +point usually has an API that is just simpler to use compared to other types +of APIs they may support (XML-RPC, for instance). It is this kind of API that +this library is attempting to support. + +%package devel +Summary: Development package for %{name} +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description devel +Files for development with %{name}. + +%package demo +Summary: Demo application for %{name} +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description demo +Demo application for %{name}. + +%prep +%autosetup -p1 -S gendiff + +%build +%meson +%meson_build + +%install +%meson_install + +%files +%license COPYING +%doc AUTHORS README.md +%{_libdir}/librest-1.0.so.0* +%{_libdir}/librest-extras-1.0.so.0* +%{_libdir}/girepository-1.0/Rest-1.0.typelib +%{_libdir}/girepository-1.0/RestExtras-1.0.typelib + +%files devel +%{_includedir}/rest-1.0/ +%{_libdir}/pkgconfig/rest-1.0.pc +%{_libdir}/pkgconfig/rest-extras-1.0.pc +%{_libdir}/librest-1.0.so +%{_libdir}/librest-extras-1.0.so +%{_datadir}/doc/librest-1.0/ +%{_datadir}/gir-1.0/Rest-1.0.gir +%{_datadir}/gir-1.0/RestExtras-1.0.gir + +%files demo +%{_bindir}/librest-demo +%{_datadir}/applications/org.gnome.RestDemo.desktop + +%changelog +* Mon Jun 24 2024 Troy Dawson - 0.9.1-10 +- Bump release for June 2024 mass rebuild + +* Fri Jan 26 2024 Fedora Release Engineering - 0.9.1-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Jan 22 2024 Fedora Release Engineering - 0.9.1-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Jul 21 2023 Fedora Release Engineering - 0.9.1-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Fri Jan 20 2023 Fedora Release Engineering - 0.9.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Tue Aug 30 2022 Adam Williamson - 0.9.1-5 +- Backport MR #30 to fix some crashes in the libsoup3 port + +* Sat Jul 23 2022 Fedora Release Engineering - 0.9.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Tue Jul 19 2022 Kalev Lember - 0.9.1-3 +- Simplify files list a bit +- Split librest-demo out to a rest-demo subpackage +- Update source URLs + +* Mon Jul 18 2022 Milan Crha - 0.9.1-1 +- Update to 0.9.1 +- Build against libsoup3 + +* Fri Jan 21 2022 Fedora Release Engineering - 0.8.1-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Sun Jan 16 2022 Peter Robinson - 0.8.1-11 +- Rebuild + +* Fri Jul 23 2021 Fedora Release Engineering - 0.8.1-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Wed Jan 27 2021 Fedora Release Engineering - 0.8.1-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Wed Jul 29 2020 Fedora Release Engineering - 0.8.1-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Thu Jan 30 2020 Fedora Release Engineering - 0.8.1-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Fri Jul 26 2019 Fedora Release Engineering - 0.8.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Sat Feb 02 2019 Fedora Release Engineering - 0.8.1-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Sat Jul 14 2018 Fedora Release Engineering - 0.8.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Thu Jun 07 2018 Debarshi Ray - 0.8.1-3 +- Fix the XML test + +* Fri Feb 09 2018 Fedora Release Engineering - 0.8.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Tue Oct 17 2017 Debarshi Ray - 0.8.1-1 +- Update to 0.8.1 + +* Thu Aug 03 2017 Fedora Release Engineering - 0.8.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 0.8.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Sat Feb 11 2017 Fedora Release Engineering - 0.8.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Mon Apr 18 2016 Christophe Fergeau 0.8.0-1 +- Update to 0.8.0 upstream release + +* Thu Feb 04 2016 Fedora Release Engineering - 0.7.93-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Thu Jun 18 2015 Fedora Release Engineering - 0.7.93-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Wed Mar 18 2015 Kalev Lember - 0.7.93-1 +- Update to 0.7.93 +- Tighten deps with the _isa macro +- Don't manually require pkgconfig; rpmbuild generates this automatically +- Use license macro for the COPYING file + +* Fri Jan 9 2015 Debarshi Ray 0.7.92-6 +- Backport upstream patch to fix a memory error (GNOME #742644) + +* Wed Sep 3 2014 Peter Robinson 0.7.92-5 +- Update to 0.7.92 + +* Sun Aug 17 2014 Fedora Release Engineering - 0.7.91-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Wed Aug 6 2014 Peter Robinson 0.7.91-4 +- Drop old patch that doesn't appear to be needed any more and causes build issues + +* Tue Jul 22 2014 Kalev Lember - 0.7.91-3 +- Rebuilt for gobject-introspection 1.41.4 + +* Sun Jun 08 2014 Fedora Release Engineering - 0.7.91-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Tue Mar 11 2014 Richard Hughes - 0.7.91-1 +- Update to 0.7.91 + +* Sun Aug 04 2013 Fedora Release Engineering - 0.7.90-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Tue Jul 16 2013 Matthias Clasen 0.7.90-4 +- Rebuild with newer gtk-doc to fix multilib issue + +* Sat Apr 13 2013 Peter Robinson 0.7.90-3 +- Run autoreconf for aarch64 (RHBZ 926440) + +* Thu Feb 14 2013 Fedora Release Engineering - 0.7.90-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Tue Aug 14 2012 Peter Robinson - 0.7.90-1 +- Release 0.7.90 + +* Sat Jul 21 2012 Fedora Release Engineering - 0.7.12-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Sat Jan 14 2012 Fedora Release Engineering - 0.7.12-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Thu Nov 10 2011 Peter Robinson 0.7.12-1 +- Release 0.7.12. Fixes CVE-2011-4129 RHBZ 752022 + +* Fri Oct 28 2011 Peter Robinson 0.7.11-1 +- Release 0.7.11 + +* Sun Apr 24 2011 Peter Robinson 0.7.10-1 +- Update to 0.7.10 + +* Sun Apr 3 2011 Peter Robinson 0.7.9-1 +- Update to 0.7.9 + +* Wed Mar 23 2011 Peter Robinson 0.7.8-1 +- Update to 0.7.8 + +* Tue Feb 22 2011 Peter Robinson 0.7.6-1 +- Update to 0.7.6 + +* Wed Feb 09 2011 Fedora Release Engineering - 0.7.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Thu Nov 25 2010 Peter Robinson 0.7.5-1 +- Update to 0.7.5 +- Now its on gnome we have official tar file releases + +* Wed Sep 29 2010 jkeating - 0.7.3-2 +- Rebuilt for gcc bug 634757 + +* Wed Sep 15 2010 Peter Robinson 0.7.3-1 +- Update to 0.7.3 + +* Mon Aug 30 2010 Peter Robinson 0.7.2-1 +- Update to 0.7.2 + +* Thu Aug 5 2010 Peter Robinson 0.7.0-1 +- Update to 0.7.0 + +* Sun Jul 11 2010 Peter Robinson 0.6.4-1 +- Update to 0.6.4 + +* Wed May 12 2010 Peter Robinson 0.6.3-2 +- some cleanups and fixes + +* Wed May 12 2010 Peter Robinson 0.6.3-1 +- Update to 0.6.3, update url and source details, enable introspection + +* Mon Feb 15 2010 Peter Robinson 0.6.1-4 +- Add patch to fix DSO linking. Fixes bug 564764 + +* Mon Jan 25 2010 Peter Robinson 0.6.1-3 +- Bump build + +* Mon Jan 25 2010 Peter Robinson 0.6.1-2 +- Move to official tarball release of 0.6.1 + +* Sat Oct 10 2009 Peter Robinson 0.6.1-1 +- New upstream 0.6.1 release + +* Wed Aug 19 2009 Peter Robinson 0.6-1 +- New upstream 0.6 release + +* Fri Aug 7 2009 Peter Robinson 0.5-3 +- A few minor spec file cleanups + +* Sun Jul 26 2009 Fedora Release Engineering - 0.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Tue Jul 14 2009 Peter Robinson 0.5-1 +- Update to 0.5 + +* Mon Jun 22 2009 Peter Robinson 0.4-1 +- Update to 0.4 + +* Wed Jun 17 2009 Peter Robinson 0.3-1 +- Initial packaging