Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/gnome-extra
diff options
context:
space:
mode:
authorMark Loeser <halcy0n@gentoo.org>2010-02-25 15:57:38 +0000
committerMark Loeser <halcy0n@gentoo.org>2010-02-25 15:57:38 +0000
commit62e9a32f0e3348b03b5f9844cb9ef7a0abee4778 (patch)
treeeb15f7dc693d4a051ac764ba7ff4ed64d6be6a84 /gnome-extra
parentx86 stable, bug #302480 (diff)
downloadgentoo-2-62e9a32f0e3348b03b5f9844cb9ef7a0abee4778.tar.gz
gentoo-2-62e9a32f0e3348b03b5f9844cb9ef7a0abee4778.tar.bz2
gentoo-2-62e9a32f0e3348b03b5f9844cb9ef7a0abee4778.zip
Restoring due to dev-dotnet/evolution-sharp-0.18.1 requiring it
(Portage version: 2.2_rc62/cvs/Linux i686, RepoMan options: --force)
Diffstat (limited to 'gnome-extra')
-rw-r--r--gnome-extra/evolution-data-server/ChangeLog11
-rw-r--r--gnome-extra/evolution-data-server/evolution-data-server-2.24.5-r3.ebuild128
-rw-r--r--gnome-extra/evolution-data-server/files/evolution-data-server-1.11.3-no-libdb.patch13
-rw-r--r--gnome-extra/evolution-data-server/files/evolution-data-server-2.23.6-as-needed.patch54
-rw-r--r--gnome-extra/evolution-data-server/files/evolution-data-server-2.24.5-CVE-2009-0547.patch105
-rw-r--r--gnome-extra/evolution-data-server/files/evolution-data-server-2.24.5-fix-body.patch34
-rw-r--r--gnome-extra/evolution-data-server/files/evolution-data-server-CVE-2009-0582.patch144
7 files changed, 488 insertions, 1 deletions
diff --git a/gnome-extra/evolution-data-server/ChangeLog b/gnome-extra/evolution-data-server/ChangeLog
index b1dbd30df7a3..6840e47821e8 100644
--- a/gnome-extra/evolution-data-server/ChangeLog
+++ b/gnome-extra/evolution-data-server/ChangeLog
@@ -1,6 +1,15 @@
# ChangeLog for gnome-extra/evolution-data-server
# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/gnome-extra/evolution-data-server/ChangeLog,v 1.254 2010/02/24 22:46:00 eva Exp $
+# $Header: /var/cvsroot/gentoo-x86/gnome-extra/evolution-data-server/ChangeLog,v 1.255 2010/02/25 15:57:37 halcy0n Exp $
+
+ 25 Feb 2010; Mark Loeser <halcy0n@gentoo.org>
+ +files/evolution-data-server-1.11.3-no-libdb.patch,
+ +files/evolution-data-server-2.23.6-as-needed.patch,
+ +evolution-data-server-2.24.5-r3.ebuild,
+ +files/evolution-data-server-2.24.5-CVE-2009-0547.patch,
+ +files/evolution-data-server-2.24.5-fix-body.patch,
+ +files/evolution-data-server-CVE-2009-0582.patch:
+ Restoring due to dev-dotnet/evolution-sharp-0.18.1 requiring it
24 Feb 2010; Gilles Dartiguelongue <eva@gentoo.org>
-files/evolution-data-server-1.11.3-no-libdb.patch,
diff --git a/gnome-extra/evolution-data-server/evolution-data-server-2.24.5-r3.ebuild b/gnome-extra/evolution-data-server/evolution-data-server-2.24.5-r3.ebuild
new file mode 100644
index 000000000000..d5314d9134b3
--- /dev/null
+++ b/gnome-extra/evolution-data-server/evolution-data-server-2.24.5-r3.ebuild
@@ -0,0 +1,128 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/gnome-extra/evolution-data-server/evolution-data-server-2.24.5-r3.ebuild,v 1.10 2010/02/25 15:57:38 halcy0n Exp $
+
+EAPI="2"
+
+inherit db-use eutils flag-o-matic gnome2 autotools versionator
+
+DESCRIPTION="Evolution groupware backend"
+HOMEPAGE="http://www.gnome.org/projects/evolution/"
+
+LICENSE="LGPL-2 BSD DB"
+SLOT="0"
+KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 sparc x86 ~x86-fbsd"
+IUSE="doc ipv6 kerberos gnome-keyring krb4 ldap ssl"
+
+RDEPEND=">=dev-libs/glib-2.16.1
+ >=x11-libs/gtk+-2.10
+ >=gnome-base/orbit-2.9.8
+ >=gnome-base/libbonobo-2.20.3
+ >=gnome-base/gconf-2
+ >=gnome-base/libglade-2
+ >=gnome-base/libgnome-2
+ >=dev-libs/libxml2-2
+ >=net-libs/libsoup-2.4
+ gnome-keyring? ( >=gnome-base/gnome-keyring-2.20.1 )
+ >=dev-db/sqlite-3.5
+ ssl? (
+ >=dev-libs/nspr-4.4
+ >=dev-libs/nss-3.9 )
+ >=gnome-base/libgnomeui-2
+ sys-libs/zlib
+ =sys-libs/db-4*
+ ldap? ( >=net-nds/openldap-2.0 )
+ kerberos? ( virtual/krb5 )
+ krb4? ( app-crypt/mit-krb5[krb4] )"
+
+DEPEND="${RDEPEND}
+ >=dev-util/pkgconfig-0.9
+ >=dev-util/intltool-0.35.5
+ >=gnome-base/gnome-common-2
+ >=dev-util/gtk-doc-am-1.9
+ doc? ( >=dev-util/gtk-doc-1.9 )"
+
+DOCS="ChangeLog MAINTAINERS NEWS TODO"
+
+pkg_setup() {
+ G2CONF="${G2CONF}
+ $(use_with ldap openldap)
+ $(use_with krb4 krb4 /usr)
+ $(use_with kerberos krb5 /usr)
+ $(use_enable ssl nss)
+ $(use_enable ssl smime)
+ $(use_enable ipv6)
+ $(use_enable gnome-keyring)
+ --with-libdb=/usr/$(get_libdir)"
+}
+
+src_prepare() {
+ gnome2_src_prepare
+
+ # Adjust to gentoo's /etc/service
+ epatch "${FILESDIR}"/${PN}-1.2.0-gentoo_etc_services.patch
+
+ # Fix broken libdb build
+ epatch "${FILESDIR}"/${PN}-1.11.3-no-libdb.patch
+
+ # Rewind in camel-disco-diary to fix a crash
+ epatch "${FILESDIR}"/${PN}-1.8.0-camel-rewind.patch
+
+ # Fix building evo-exchange with --as-needed, upstream bug #342830
+ epatch "${FILESDIR}"/${PN}-2.23.6-as-needed.patch
+
+ # Fix S/MIME verification. Bug #258867
+ epatch "${FILESDIR}"/${P}-CVE-2009-0547.patch
+
+ # Fix S/MIME message display, bug #258867
+ epatch "${FILESDIR}"/${P}-fix-body.patch
+
+ # Fix NTLM SASL authentication. Bug #261203
+ epatch "${FILESDIR}"/${PN}-CVE-2009-0582.patch
+
+ if use doc; then
+ sed "/^TARGET_DIR/i \GTKDOC_REBASE=/usr/bin/gtkdoc-rebase" \
+ -i gtk-doc.make || die "sed 1 failed"
+ else
+ sed "/^TARGET_DIR/i \GTKDOC_REBASE=$(type -P true)" \
+ -i gtk-doc.make || die "sed 2 failed"
+ fi
+
+ # gtk-doc-am and gnome-common needed for this
+ intltoolize --force --copy --automake || die "intltoolize failed"
+ eautoreconf
+
+ # Use NSS/NSPR only if 'ssl' is enabled.
+ if use ssl ; then
+ sed -i -e "s|mozilla-nss|nss|
+ s|mozilla-nspr|nspr|" "${S}"/configure || die "sed failed"
+ G2CONF="${G2CONF} --enable-nss=yes"
+ else
+ G2CONF="${G2CONF} --without-nspr-libs --without-nspr-includes \
+ --without-nss-libs --without-nss-includes"
+ fi
+
+ # /usr/include/db.h is always db-1 on FreeBSD
+ # so include the right dir in CPPFLAGS
+ append-cppflags "-I$(db_includedir)"
+}
+
+src_install() {
+ gnome2_src_install
+
+ if use ldap; then
+ MY_MAJORV=$(get_version_component_range 1-2)
+ insinto /etc/openldap/schema
+ doins "${FILESDIR}"/calentry.schema || die "doins failed"
+ dosym "${D}"/usr/share/${PN}-${MY_MAJORV}/evolutionperson.schema /etc/openldap/schema/evolutionperson.schema
+ fi
+}
+
+pkg_postinst() {
+ gnome2_pkg_postinst
+
+ if use ldap; then
+ elog ""
+ elog "LDAP schemas needed by evolution are installed in /etc/openldap/schema"
+ fi
+}
diff --git a/gnome-extra/evolution-data-server/files/evolution-data-server-1.11.3-no-libdb.patch b/gnome-extra/evolution-data-server/files/evolution-data-server-1.11.3-no-libdb.patch
new file mode 100644
index 000000000000..b2b7769289e8
--- /dev/null
+++ b/gnome-extra/evolution-data-server/files/evolution-data-server-1.11.3-no-libdb.patch
@@ -0,0 +1,13 @@
+diff --exclude-from=/home/dang/.scripts/diffrc -up -ruN evolution-data-server-1.11.3.orig/configure.in evolution-data-server-1.11.3/configure.in
+--- evolution-data-server-1.11.3.orig/configure.in 2007-06-04 06:50:47.000000000 -0400
++++ evolution-data-server-1.11.3/configure.in 2007-06-07 10:58:22.000000000 -0400
+@@ -1431,9 +1431,6 @@ export privdatadir
+ if test $enable_calendar = yes; then
+ AC_CONFIG_SUBDIRS(calendar/libical)
+ fi
+-if test $dynamic_libdb = no; then
+- AC_CONFIG_SUBDIRS(libdb/dist)
+-fi
+ AC_OUTPUT([
+ Makefile
+ evolution-data-server-zip
diff --git a/gnome-extra/evolution-data-server/files/evolution-data-server-2.23.6-as-needed.patch b/gnome-extra/evolution-data-server/files/evolution-data-server-2.23.6-as-needed.patch
new file mode 100644
index 000000000000..57d10c82b2e4
--- /dev/null
+++ b/gnome-extra/evolution-data-server/files/evolution-data-server-2.23.6-as-needed.patch
@@ -0,0 +1,54 @@
+diff --exclude-from=/home/dang/.scripts/diffrc -up -ruN evolution-data-server-2.23.6.orig/addressbook/backends/Makefile.am evolution-data-server-2.23.6/addressbook/backends/Makefile.am
+--- evolution-data-server-2.23.6.orig/addressbook/backends/Makefile.am 2008-08-04 00:28:27.000000000 -0400
++++ evolution-data-server-2.23.6/addressbook/backends/Makefile.am 2008-08-05 12:26:15.000000000 -0400
+@@ -4,4 +4,4 @@ else
+ LDAP_SUBDIR =
+ endif
+
+-SUBDIRS = file vcf $(LDAP_SUBDIR) google groupwise webdav
++SUBDIRS = file vcf $(LDAP_SUBDIR)
+diff --exclude-from=/home/dang/.scripts/diffrc -up -ruN evolution-data-server-2.23.6.orig/calendar/backends/Makefile.am evolution-data-server-2.23.6/calendar/backends/Makefile.am
+--- evolution-data-server-2.23.6.orig/calendar/backends/Makefile.am 2008-04-11 07:10:31.000000000 -0400
++++ evolution-data-server-2.23.6/calendar/backends/Makefile.am 2008-08-05 12:25:51.000000000 -0400
+@@ -1 +1 @@
+-SUBDIRS = file groupwise http contacts weather caldav google
++SUBDIRS = file http contacts weather caldav
+diff --exclude-from=/home/dang/.scripts/diffrc -up -ruN evolution-data-server-2.23.6.orig/camel/providers/Makefile.am evolution-data-server-2.23.6/camel/providers/Makefile.am
+--- evolution-data-server-2.23.6.orig/camel/providers/Makefile.am 2008-08-01 02:34:59.000000000 -0400
++++ evolution-data-server-2.23.6/camel/providers/Makefile.am 2008-08-05 12:26:59.000000000 -0400
+@@ -21,6 +21,6 @@ else
+ SENDMAIL_DIR=sendmail
+ endif
+
+-SUBDIRS = pop3 $(SENDMAIL_DIR) smtp imap $(IMAP4_DIR) $(NNTP_DIR) local $(IMAPP_DIR) groupwise $(HULA_DIR)
++SUBDIRS = pop3 $(SENDMAIL_DIR) smtp imap $(IMAP4_DIR) $(NNTP_DIR) local $(IMAPP_DIR) $(HULA_DIR)
+
+
+diff --exclude-from=/home/dang/.scripts/diffrc -up -ruN evolution-data-server-2.23.6.orig/Makefile.am evolution-data-server-2.23.6/Makefile.am
+--- evolution-data-server-2.23.6.orig/Makefile.am 2008-08-01 02:35:37.000000000 -0400
++++ evolution-data-server-2.23.6/Makefile.am 2008-08-05 12:28:22.000000000 -0400
+@@ -7,9 +7,12 @@ endif
+
+ if ENABLE_CALENDAR
+ CALENDAR_DIR = calendar
++CALENDAR_LATER = calendar/backends/groupwise calendar/backends/google
+ endif
+
+-SUBDIRS = $(LIBDB) win32 libedataserver libebackend servers camel addressbook $(CALENDAR_DIR) libedataserverui src docs art po
++LATER = camel/providers/groupwise addressbook/backends/groupwise addressbook/backends/google addressbook/backends/webdav $(CALENDAR_LATER)
++
++SUBDIRS = $(LIBDB) win32 libedataserver libebackend camel addressbook $(CALENDAR_DIR) libedataserverui servers $(LATER) src docs art po
+ DIST_SUBDIRS= win32 libedataserver libebackend servers camel addressbook calendar libedataserverui src docs art po
+ changelogs = \
+ ChangeLog
+diff --exclude-from=/home/dang/.scripts/diffrc -up -ruN evolution-data-server-2.23.6.orig/servers/exchange/storage/Makefile.am evolution-data-server-2.23.6/servers/exchange/storage/Makefile.am
+--- evolution-data-server-2.23.6.orig/servers/exchange/storage/Makefile.am 2008-04-11 07:10:16.000000000 -0400
++++ evolution-data-server-2.23.6/servers/exchange/storage/Makefile.am 2008-08-05 12:25:51.000000000 -0400
+@@ -64,6 +64,7 @@ libexchange_storage_1_2_la_LIBADD = \
+ $(top_builddir)/servers/exchange/lib/libexchange.la \
+ $(top_builddir)/servers/exchange/xntlm/libxntlm.la \
+ $(top_builddir)/libedataserver/libedataserver-1.2.la \
++ $(top_builddir)/libedataserverui/libedataserverui-1.2.la \
+ $(E_DATA_SERVER_LIBS) \
+ $(E_DATA_SERVER_UI_LIBS) \
+ $(LDAP_LIBS) \
diff --git a/gnome-extra/evolution-data-server/files/evolution-data-server-2.24.5-CVE-2009-0547.patch b/gnome-extra/evolution-data-server/files/evolution-data-server-2.24.5-CVE-2009-0547.patch
new file mode 100644
index 000000000000..b527c8021ba1
--- /dev/null
+++ b/gnome-extra/evolution-data-server/files/evolution-data-server-2.24.5-CVE-2009-0547.patch
@@ -0,0 +1,105 @@
+diff --exclude-from=/home/dang/.scripts/diffrc -up -ruN evolution-data-server-2.24.5.orig/camel/camel-smime-context.c evolution-data-server-2.24.5/camel/camel-smime-context.c
+--- evolution-data-server-2.24.5.orig/camel/camel-smime-context.c 2008-09-22 06:53:58.000000000 -0400
++++ evolution-data-server-2.24.5/camel/camel-smime-context.c 2009-03-07 14:52:57.000000000 -0500
+@@ -40,6 +40,7 @@
+ #include <smime.h>
+ #include <pkcs11t.h>
+ #include <pk11func.h>
++#include <secoid.h>
+
+ #include <errno.h>
+
+@@ -534,6 +535,7 @@ sm_verify_cmsg(CamelCipherContext *conte
+ for (i = 0; i < count; i++) {
+ NSSCMSContentInfo *cinfo = NSS_CMSMessage_ContentLevel(cmsg, i);
+ SECOidTag typetag = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
++ int which_digest;
+
+ switch (typetag) {
+ case SEC_OID_PKCS7_SIGNED_DATA:
+@@ -543,44 +545,49 @@ sm_verify_cmsg(CamelCipherContext *conte
+ goto fail;
+ }
+
+- /* need to build digests of the content */
+- if (!NSS_CMSSignedData_HasDigests(sigd)) {
+- if (extstream == NULL) {
+- camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Digests missing from enveloped data"));
+- goto fail;
+- }
+-
+- if ((poolp = PORT_NewArena(1024)) == NULL) {
+- camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, g_strerror (ENOMEM));
+- goto fail;
+- }
+-
+- digestalgs = NSS_CMSSignedData_GetDigestAlgs(sigd);
+-
+- digcx = NSS_CMSDigestContext_StartMultiple(digestalgs);
+- if (digcx == NULL) {
+- camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot calculate digests"));
+- goto fail;
+- }
+-
+- mem = (CamelStreamMem *)camel_stream_mem_new();
+- camel_stream_write_to_stream(extstream, (CamelStream *)mem);
+- NSS_CMSDigestContext_Update(digcx, mem->buffer->data, mem->buffer->len);
+- camel_object_unref(mem);
+-
+- if (NSS_CMSDigestContext_FinishMultiple(digcx, poolp, &digests) != SECSuccess) {
+- camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot calculate digests"));
+- goto fail;
+- }
+-
+- if (NSS_CMSSignedData_SetDigests(sigd, digestalgs, digests) != SECSuccess) {
+- camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot set message digests"));
+- goto fail;
+- }
+
+- PORT_FreeArena(poolp, PR_FALSE);
+- poolp = NULL;
++ if (extstream == NULL) {
++ camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Digests missing from enveloped data"));
++ goto fail;
++ }
++
++ if ((poolp = PORT_NewArena(1024)) == NULL) {
++ camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, g_strerror (ENOMEM));
++ goto fail;
+ }
++
++ digestalgs = NSS_CMSSignedData_GetDigestAlgs(sigd);
++
++ digcx = NSS_CMSDigestContext_StartMultiple(digestalgs);
++ if (digcx == NULL) {
++ camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot calculate digests"));
++ goto fail;
++ }
++
++ mem = (CamelStreamMem *)camel_stream_mem_new();
++ camel_stream_write_to_stream(extstream, (CamelStream *)mem);
++ NSS_CMSDigestContext_Update(digcx, mem->buffer->data, mem->buffer->len);
++ camel_object_unref(mem);
++
++ if (NSS_CMSDigestContext_FinishMultiple(digcx, poolp, &digests) != SECSuccess) {
++ camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot calculate digests"));
++ goto fail;
++ }
++
++ for (which_digest = 0; digests[which_digest] != NULL; which_digest++) {
++ SECOidData *digest_alg = SECOID_FindOID (&digestalgs[which_digest]->algorithm);
++ if (digest_alg == NULL) {
++ camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot set message digests"));
++ goto fail;
++ }
++ if (NSS_CMSSignedData_SetDigestValue (sigd, digest_alg->offset, digests[which_digest]) != SECSuccess) {
++ camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot set message digests"));
++ goto fail;
++ }
++ }
++
++ PORT_FreeArena(poolp, PR_FALSE);
++ poolp = NULL;
+
+ /* import all certificates present */
+ if (NSS_CMSSignedData_ImportCerts(sigd, p->certdb, certUsageEmailSigner, PR_TRUE) != SECSuccess) {
diff --git a/gnome-extra/evolution-data-server/files/evolution-data-server-2.24.5-fix-body.patch b/gnome-extra/evolution-data-server/files/evolution-data-server-2.24.5-fix-body.patch
new file mode 100644
index 000000000000..2671d0de0000
--- /dev/null
+++ b/gnome-extra/evolution-data-server/files/evolution-data-server-2.24.5-fix-body.patch
@@ -0,0 +1,34 @@
+From dcd2f9ebc6c66ab1c068764da3b528f8fbfeb8b5 Mon Sep 17 00:00:00 2001
+From: Milan Crha <mcrha@redhat.com>
+Date: Tue, 31 Mar 2009 11:54:36 +0000
+Subject: [PATCH] ** Fix for bug #564465
+
+2009-03-31 Milan Crha <mcrha@redhat.com>
+
+ ** Fix for bug #564465
+
+ * camel-smime-context.c: (sm_decrypt):
+ Pass correct body for signature verification.
+
+svn path=/trunk/; revision=10194
+---
+ camel/camel-smime-context.c | 3 ++-
+ 1 files changed, 2 insertions(+), 1 deletions(-)
+
+diff --git a/camel/camel-smime-context.c b/camel/camel-smime-context.c
+index 7470953..1913d6a 100644
+--- a/camel/camel-smime-context.c
++++ b/camel/camel-smime-context.c
+@@ -963,7 +963,8 @@ sm_decrypt(CamelCipherContext *context, CamelMimePart *ipart, CamelMimePart *opa
+ camel_data_wrapper_construct_from_stream((CamelDataWrapper *)opart, ostream);
+
+ if (NSS_CMSMessage_IsSigned(cmsg)) {
+- valid = sm_verify_cmsg(context, cmsg, NULL, ex);
++ camel_stream_reset (ostream);
++ valid = sm_verify_cmsg (context, cmsg, ostream, ex);
+ } else {
+ valid = camel_cipher_validity_new();
+ valid->encrypt.description = g_strdup(_("Encrypted content"));
+--
+1.6.3.3
+
diff --git a/gnome-extra/evolution-data-server/files/evolution-data-server-CVE-2009-0582.patch b/gnome-extra/evolution-data-server/files/evolution-data-server-CVE-2009-0582.patch
new file mode 100644
index 000000000000..46231c0c0c39
--- /dev/null
+++ b/gnome-extra/evolution-data-server/files/evolution-data-server-CVE-2009-0582.patch
@@ -0,0 +1,144 @@
+Index: camel/camel-sasl-ntlm.c
+===================================================================
+--- camel/camel-sasl-ntlm.c (revision 10105)
++++ camel/camel-sasl-ntlm.c (working copy)
+@@ -74,9 +74,8 @@ camel_sasl_ntlm_get_type (void)
+
+ #define NTLM_REQUEST "NTLMSSP\x00\x01\x00\x00\x00\x06\x82\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x30\x00\x00\x00\x00\x00\x00\x00\x30\x00\x00\x00"
+
+-#define NTLM_CHALLENGE_NONCE_OFFSET 24
+-#define NTLM_CHALLENGE_DOMAIN_OFFSET 48
+-#define NTLM_CHALLENGE_DOMAIN_LEN_OFFSET 44
++#define NTLM_CHALLENGE_DOMAIN_OFFSET 12
++#define NTLM_CHALLENGE_NONCE_OFFSET 24
+
+ #define NTLM_RESPONSE_HEADER "NTLMSSP\x00\x03\x00\x00\x00"
+ #define NTLM_RESPONSE_FLAGS "\x82\x01"
+@@ -93,22 +92,60 @@ static void ntlm_calc_response (const
+ guchar results[24]);
+ static void ntlm_lanmanager_hash (const char *password, char hash[21]);
+ static void ntlm_nt_hash (const char *password, char hash[21]);
+-static void ntlm_set_string (GByteArray *ba, int offset,
+- const char *data, int len);
++
++typedef struct {
++ guint16 length;
++ guint16 allocated;
++ guint32 offset;
++} SecurityBuffer;
++
++static GString *
++ntlm_get_string (GByteArray *ba, int offset)
++{
++ SecurityBuffer *secbuf;
++ GString *string;
++ gchar *buf_string;
++ guint16 buf_length;
++ guint32 buf_offset;
++
++ secbuf = (SecurityBuffer *) &ba->data[offset];
++ buf_length = GUINT16_FROM_LE (secbuf->length);
++ buf_offset = GUINT32_FROM_LE (secbuf->offset);
++
++ if (ba->len < buf_offset + buf_length)
++ return NULL;
++
++ string = g_string_sized_new (buf_length);
++ buf_string = (gchar *) &ba->data[buf_offset];
++ g_string_append_len (string, buf_string, buf_length);
++
++ return string;
++}
++
++static void
++ntlm_set_string (GByteArray *ba, int offset, const char *data, int len)
++{
++ SecurityBuffer *secbuf;
++
++ secbuf = (SecurityBuffer *) &ba->data[offset];
++ secbuf->length = GUINT16_TO_LE (len);
++ secbuf->offset = GUINT32_TO_LE (ba->len);
++ secbuf->allocated = secbuf->length;
++
++ g_byte_array_append (ba, (guint8 *) data, len);
++}
+
+ static GByteArray *
+ ntlm_challenge (CamelSasl *sasl, GByteArray *token, CamelException *ex)
+ {
+ GByteArray *ret;
+ guchar nonce[8], hash[21], lm_resp[24], nt_resp[24];
++ GString *domain;
+
+ ret = g_byte_array_new ();
+
+- if (!token || !token->len) {
+- g_byte_array_append (ret, (guint8 *) NTLM_REQUEST,
+- sizeof (NTLM_REQUEST) - 1);
+- return ret;
+- }
++ if (!token || token->len < NTLM_CHALLENGE_NONCE_OFFSET + 8)
++ goto fail;
+
+ memcpy (nonce, token->data + NTLM_CHALLENGE_NONCE_OFFSET, 8);
+ ntlm_lanmanager_hash (sasl->service->url->passwd, (char *) hash);
+@@ -116,7 +153,11 @@ ntlm_challenge (CamelSasl *sasl, GByteAr
+ ntlm_nt_hash (sasl->service->url->passwd, (char *) hash);
+ ntlm_calc_response (hash, nonce, nt_resp);
+
+- ret = g_byte_array_new ();
++ domain = ntlm_get_string (token, NTLM_CHALLENGE_DOMAIN_OFFSET);
++ if (domain == NULL)
++ goto fail;
++
++ /* Don't jump to 'fail' label after this point. */
+ g_byte_array_set_size (ret, NTLM_RESPONSE_BASE_SIZE);
+ memset (ret->data, 0, NTLM_RESPONSE_BASE_SIZE);
+ memcpy (ret->data, NTLM_RESPONSE_HEADER,
+@@ -125,8 +166,7 @@ ntlm_challenge (CamelSasl *sasl, GByteAr
+ NTLM_RESPONSE_FLAGS, sizeof (NTLM_RESPONSE_FLAGS) - 1);
+
+ ntlm_set_string (ret, NTLM_RESPONSE_DOMAIN_OFFSET,
+- (const char *) token->data + NTLM_CHALLENGE_DOMAIN_OFFSET,
+- atoi ((char *) token->data + NTLM_CHALLENGE_DOMAIN_LEN_OFFSET));
++ domain->str, domain->len);
+ ntlm_set_string (ret, NTLM_RESPONSE_USER_OFFSET,
+ sasl->service->url->user,
+ strlen (sasl->service->url->user));
+@@ -138,6 +178,18 @@ ntlm_challenge (CamelSasl *sasl, GByteAr
+ (const char *) nt_resp, sizeof (nt_resp));
+
+ sasl->authenticated = TRUE;
++
++ g_string_free (domain, TRUE);
++
++ goto exit;
++
++fail:
++ /* If the challenge is malformed, restart authentication.
++ * XXX A malicious server could make this loop indefinitely. */
++ g_byte_array_append (ret, (guint8 *) NTLM_REQUEST,
++ sizeof (NTLM_REQUEST) - 1);
++
++exit:
+ return ret;
+ }
+
+@@ -201,17 +253,6 @@ ntlm_nt_hash (const char *password, char
+ g_free (buf);
+ }
+
+-static void
+-ntlm_set_string (GByteArray *ba, int offset, const char *data, int len)
+-{
+- ba->data[offset ] = ba->data[offset + 2] = len & 0xFF;
+- ba->data[offset + 1] = ba->data[offset + 3] = (len >> 8) & 0xFF;
+- ba->data[offset + 4] = ba->len & 0xFF;
+- ba->data[offset + 5] = (ba->len >> 8) & 0xFF;
+- g_byte_array_append (ba, (guint8 *) data, len);
+-}
+-
+-
+ #define KEYBITS(k,s) \
+ (((k[(s)/8] << ((s)%8)) & 0xFF) | (k[(s)/8+1] >> (8-(s)%8)))
+