Fix bug #258867: S/MIME parsing.

Package-Manager: portage-2.1.6.7/cvs/Linux x86_64
author: Daniel Gryniewicz <dang@gentoo.org> 2009-03-07 20:54:16 +0000
committer: Daniel Gryniewicz <dang@gentoo.org> 2009-03-07 20:54:16 +0000
commit: e856252a96b23c7f341a4d217099a4997dedea12 (patch)
tree: e898ed928cdde5158c0f832f80c13b03488e15b0 /gnome-extra/evolution-data-server
parent: Migrate to EAPI 2. (diff)
download: historical-e856252a96b23c7f341a4d217099a4997dedea12.tar.gz
historical-e856252a96b23c7f341a4d217099a4997dedea12.tar.bz2
historical-e856252a96b23c7f341a4d217099a4997dedea12.zip
6 files changed, 492 insertions, 2 deletions
diff --git a/gnome-extra/evolution-data-server/ChangeLog b/gnome-extra/evolution-data-server/ChangeLog
index 757b8fef5ba2..da3882d56b86 100644
--- a/gnome-extra/evolution-data-server/ChangeLog
+++ b/gnome-extra/evolution-data-server/ChangeLog
@@ -1,6 +1,16 @@
 # ChangeLog for gnome-extra/evolution-data-server
 # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/gnome-extra/evolution-data-server/ChangeLog,v 1.206 2009/03/06 15:49:13 ranger Exp $
+# $Header: /var/cvsroot/gentoo-x86/gnome-extra/evolution-data-server/ChangeLog,v 1.207 2009/03/07 20:54:16 dang Exp $
+
+*evolution-data-server-2.24.5-r1 (07 Mar 2009)
+*evolution-data-server-2.22.3-r2 (07 Mar 2009)
+
+  07 Mar 2009; Daniel Gryniewicz <dang@gentoo.org>
+  +files/evolution-data-server-2.22.3-CVE-2009-0547.patch,
+  +files/evolution-data-server-2.24.5-CVE-2009-0547.patch,
+  +evolution-data-server-2.22.3-r2.ebuild,
+  +evolution-data-server-2.24.5-r1.ebuild:
+  Fix bug #258867: S/MIME parsing.
 
   06 Mar 2009; Brent Baude <ranger@gentoo.org>
   evolution-data-server-2.24.5.ebuild:
diff --git a/gnome-extra/evolution-data-server/Manifest b/gnome-extra/evolution-data-server/Manifest
index 3fa3e349c0fe..f2a409bfae00 100644
--- a/gnome-extra/evolution-data-server/Manifest
+++ b/gnome-extra/evolution-data-server/Manifest
@@ -1,3 +1,6 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
 AUX calentry.schema 3661 RMD160 68dfc3a8bbf08a1cf2713727c6617b2de613cb7c SHA1 06ddcc64c3b2b3230fbbef21a7e2a682bd95788c SHA256 107d60463833d5ceb5f752335dd07fef303093c58a51fb03405fed5837999431
 AUX evolution-data-server-1.11.3-as-needed.patch 1942 RMD160 1db5815026e06a47c91295f4b502b94692dbe115 SHA1 0f94fb16e14ed685154cd0ad1211095431e179ca SHA256 95b1d4a23e801a36c7027080347e8fcb1ad90bc1d4040e9bdab8d00eb1f27986
 AUX evolution-data-server-1.11.3-no-libdb.patch 570 RMD160 404dfda7aac4e9ff6504ecd9ee5b7af6efafc969 SHA1 411f311317439bf20643491d2b7d1cbee99c561e SHA256 992602fd04cfa8afba084238f62f765b1d5caf29cc10ad739c7e63ea78291905
@@ -9,9 +12,11 @@ AUX evolution-data-server-1.8.0-camel-rewind.patch 499 RMD160 90b94f0b20a52a4fdf
 AUX evolution-data-server-2.21.4-as-needed.patch 3339 RMD160 437d0a2ca704c12b0ef84d42bd30c5f309993192 SHA1 13527a0ab7486d95a21b1b60d8d8f23e65df1495 SHA256 9d64f94d8b2ccae4f3de0c1d8a35ae072357821829f17c83c012902542f47beb
 AUX evolution-data-server-2.21.4-gtkdoc-rebase.patch 739 RMD160 ed666a6e4118008bc69c96a1dfbfd4d879ecb597 SHA1 049a232cd8b664f949ef9834fd313c9e4b32998d SHA256 bbbd971fa4cba06c77fdd55874e4a29a4eb6afc02db7a2f1e5d4882eeae047b1
 AUX evolution-data-server-2.21.90-icaltz-util.patch 1343 RMD160 60db5a03375636b21eb968de35f032e915319277 SHA1 b3d7f3dd6dc32927265a410b82193972198143b0 SHA256 0279c058ad3f06e3703c4876decc644d6fbc18663f5f9c9e470cd31b1735b2a3
+AUX evolution-data-server-2.22.3-CVE-2009-0547.patch 3887 RMD160 1b851248cc79c2f8d5079bfb535dff2ce0e43556 SHA1 e1571259ab63075f3c1a28e6204e795f7cffad5d SHA256 d10a4879a0172c731c7a5c8cc31f8ac9f9b010e93f6d8d1fda29dcacfc5316c7
 AUX evolution-data-server-2.22.3-mail-cleanup-delay.patch 2974 RMD160 b482fbd815f1853522d845fa3acf643dbb5ebac8 SHA1 bae6f30319ea13d0b4c1aed63b92cf9f23f39c29 SHA256 3be97d843539c285a36af973145d3cc8bec99b84a54282eab0900df867b030c4
 AUX evolution-data-server-2.22.3-timezone-western.patch 2041 RMD160 8a0d9e308123ebc48a6ea9c7932c8639765a96b8 SHA1 963f7c7a0659a4ca6659f5983e8a47825c70b8e9 SHA256 56e3311334bac728db2c7afcd200e56acc3e0a9819659cdffb745c488bbb4126
 AUX evolution-data-server-2.23.6-as-needed.patch 3469 RMD160 43c48a35d0480a82db6cf131c0fdd0062353efc4 SHA1 96ef4dd901730ab2f77716646517a5ef40a5f982 SHA256 4899ffd8773229ecb43afbffdb91faa1fd433630395792998973f62aa54afb37
+AUX evolution-data-server-2.24.5-CVE-2009-0547.patch 3797 RMD160 7e49ece85b83c85c0bf64bbdd00020135a555be1 SHA1 43f207160f2cacab300e435fb4d4d808c46d67fb SHA256 1e41bc6ad495b9d27c26d87d59c9c18761395b61492043de846ffaede84c2353
 AUX evolution-data-server-no_lazy_bindings.patch 551 RMD160 d86bf9a9ed25615bcb3dab23977ac01c341a799c SHA1 34aa3d902e0e704f67c6fceee820dad158d82be2 SHA256 772bdd99f3936d377cd0ce59c4f03789d227b79c4a2ca2d5e7e3165c378c6403
 DIST evolution-data-server-1.12.3.tar.bz2 7447166 RMD160 c7102c38af4888f3f8933c9d28981d1809d504f8 SHA1 12b8b23fb77ff6436def3cc5ea472886c8e0350e SHA256 e2d9038e3cd115ea5af2f3b7d381f5803c62d1ec36206e5a1bea0f823d25fab5
 DIST evolution-data-server-2.22.3.tar.bz2 7621470 RMD160 eed9c26fba0b69f0cbe44b01d698388c4ae44a0b SHA1 5d01b1248fcacef9c478787892f223338dff731b SHA256 6e9fa1258c8b4d1fd75a1da78ee637ad5b8a82bc58c93324d73afecf8d73fe87
@@ -21,10 +26,19 @@ DIST evolution-data-server-2.24.4.tar.bz2 7893360 RMD160 c79ad1d9c8629347d00c1b1
 DIST evolution-data-server-2.24.5.tar.bz2 7857405 RMD160 d5f32f35a51e32885f96d4f92d7a0c6fae249a92 SHA1 b1df1f3580e3566d08faf2c093a685ee977d648c SHA256 c2240b96437f36f3656da538df7631510785664a6e7723cbf75ec0f88c3d38d1
 EBUILD evolution-data-server-1.12.3.ebuild 5047 RMD160 47e7a7a27fc51270a57644179594e302ffe11a73 SHA1 8e819d7c74c140aed79e5f265082a96541dbdb74 SHA256 482df2b372d83beaf408af1b0d6e7162d52481eef0513a25b6f9fc1805e7a229
 EBUILD evolution-data-server-2.22.3-r1.ebuild 3229 RMD160 58dd7a6991eb91946627c762b42a4068903361c7 SHA1 653fbfcf38f702560cf3b1747335d69d1f3955fd SHA256 0df3af81dad7affbf862ebd5e498dbc4bea3c536b1aae2c7903328caf19bc56d
+EBUILD evolution-data-server-2.22.3-r2.ebuild 3328 RMD160 25c5aac1f9bd5571887757c9e5b7163788f1e192 SHA1 8010a514e67b010c6913f082986429542fc89386 SHA256 af22dc1f4dd7846f6e7df33fb3e8cfed501c91469780fdce9a72ae148283bdc6
 EBUILD evolution-data-server-2.22.3.ebuild 3118 RMD160 11a9c2f85fc84d848c47fc478a55a1ca77361efa SHA1 4b4ecd802fc9c7a1e997f8b35a9e95bcbda0da80 SHA256 2194dfb3d1cdf85e448e6fd6aa3e5a62f0759c7054b3c50fa3cd0ee3af9c4700
 EBUILD evolution-data-server-2.24.2.ebuild 3451 RMD160 99354f74976ce35c63f299b8b8e19d82ea06e766 SHA1 aaa59d4a55cdd905bbc14d2d638e9fd50f903a56 SHA256 d2eb70ef8f74660ffe783b1952cb578c7d2d4b1dc088ab957c541074aa82a16d
 EBUILD evolution-data-server-2.24.3.ebuild 3301 RMD160 c84b5378dd51df2c438f579e5193be5999c8d8c9 SHA1 ffaac8310f590b7ef5b7ce50074e22afc2dc6144 SHA256 ec46d6d50c196d0adebea4012372a1b0256d176d9b8a596d71e58d4fee50f392
 EBUILD evolution-data-server-2.24.4.ebuild 3472 RMD160 bfd52e2916877c8fef535e1d165c647eb9cf74e6 SHA1 8954d1c0511612dbe2e06abdf3fc3f956d113430 SHA256 125d98acc684db29da51f887868c0cc4f8fd2342537855526d86891c683d9a98
+EBUILD evolution-data-server-2.24.5-r1.ebuild 3560 RMD160 a0eafdfb09138c2db87abc49dab8d696f84793d5 SHA1 1446592184cc69c2759991212cd869cbc735eb1d SHA256 faeec079eccaaa04920c73b3cabf74b1edb193e56f03edb1bf241da8f193343c
 EBUILD evolution-data-server-2.24.5.ebuild 3468 RMD160 86cfbb8050539048a3ef937c9df7a79f6f7a0611 SHA1 8ae2c78370cfc6617de98c6d4ad76f65e8ba4142 SHA256 cf08d11ed21da84b00d39162313659b2eddfb9558e173228be02bf7db7d34cf3
-MISC ChangeLog 39198 RMD160 0555476b287fd14d2b24f03a78027ed6aa5650f2 SHA1 b8ef2b4a359d4341d84ac00f4e5dfd5089512aa3 SHA256 87efb997c010eeba0af50bb44451984f27e6591f2175ac31c2619a637f8ea549
+MISC ChangeLog 39582 RMD160 5ad9a3101aa98b97266c5a5d56505526fa55eda0 SHA1 496099f12600b0e600f119d702decbbb648e25d7 SHA256 214206834fa4cdfbf69da43a10cbd1a666c54b50d59a7f9576ed0686ba67df1e
 MISC metadata.xml 158 RMD160 c0e2bae8e91bb6be8922bac5e4f597302e06587e SHA1 38f78e9790bcd4382b4a49aa226aa6dda1d3a3d7 SHA256 3a7dbca0fdc557de69783e0663e2d76ddab129ea8a19b2d0ef6d3e5d1b947ce1
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.10 (GNU/Linux)
+
+iD4DBQFJst8gomPajV0RnrERAsgAAJdXxMZZDYhBfhYK23C2TH6w2RPAAJ9beeAt
+TGB5vYMQwMkwgPRQGSRuzg==
+=q8Gs
+-----END PGP SIGNATURE-----
diff --git a/gnome-extra/evolution-data-server/evolution-data-server-2.22.3-r2.ebuild b/gnome-extra/evolution-data-server/evolution-data-server-2.22.3-r2.ebuild
new file mode 100644
index 000000000000..b7fa8d02e7f1
--- /dev/null
+++ b/gnome-extra/evolution-data-server/evolution-data-server-2.22.3-r2.ebuild
@@ -0,0 +1,120 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/gnome-extra/evolution-data-server/evolution-data-server-2.22.3-r2.ebuild,v 1.1 2009/03/07 20:54:16 dang Exp $
+
+inherit db-use eutils flag-o-matic gnome2 autotools
+
+DESCRIPTION="Evolution groupware backend"
+HOMEPAGE="http://www.gnome.org/projects/evolution/"
+
+LICENSE="LGPL-2 Sleepycat"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+IUSE="doc ipv6 kerberos gnome-keyring krb4 ldap ssl"
+
+RDEPEND=">=dev-libs/glib-2.15.3
+	>=x11-libs/gtk+-2.10
+	>=gnome-base/orbit-2.9.8
+	>=gnome-base/gnome-vfs-2.4
+	>=gnome-base/libbonobo-2.20.3
+	>=gnome-base/gconf-2
+	>=gnome-base/libglade-2
+	>=gnome-base/libgnome-2
+	>=dev-libs/libxml2-2
+	>=net-libs/libsoup-2.4
+	gnome-keyring? ( >=gnome-base/gnome-keyring-2.20 )
+	ssl? (
+		>=dev-libs/nspr-4.4
+		>=dev-libs/nss-3.9 )
+	>=gnome-base/libgnomeui-2
+	sys-libs/zlib
+	=sys-libs/db-4*
+	ldap? ( >=net-nds/openldap-2.0 )
+	kerberos? ( virtual/krb5 )
+	krb4? ( virtual/krb5 )"
+
+DEPEND="${RDEPEND}
+	>=dev-util/pkgconfig-0.9
+	>=dev-util/intltool-0.35.5
+	>=gnome-base/gnome-common-2
+	>=dev-util/gtk-doc-am-1.9
+	doc? ( >=dev-util/gtk-doc-1.9 )"
+
+DOCS="ChangeLog MAINTAINERS NEWS TODO"
+
+pkg_setup() {
+	G2CONF="${G2CONF}
+		$(use_with ldap openldap)
+		$(use_with kerberos krb5 /usr)
+		$(use_enable ssl nss)
+		$(use_enable ssl smime)
+		$(use_enable ipv6)
+		$(use_enable gnome-keyring)
+		--with-libdb=/usr/$(get_libdir)"
+
+	if use krb4 && ! built_with_use virtual/krb5 krb4; then
+		ewarn
+		ewarn "In order to add kerberos 4 support, you have to emerge"
+		ewarn "virtual/krb5 with the 'krb4' USE flag enabled as well."
+		ewarn
+		ewarn "Skipping for now."
+		ewarn
+		G2CONF="${G2CONF} --without-krb4"
+	else
+		G2CONF="${G2CONF} $(use_with krb4 krb4 /usr)"
+	fi
+}
+
+src_unpack() {
+	gnome2_src_unpack
+
+	# Adjust to gentoo's /etc/service
+	epatch "${FILESDIR}"/${PN}-1.2.0-gentoo_etc_services.patch
+
+	# Fix broken libdb build
+	epatch "${FILESDIR}"/${PN}-1.11.3-no-libdb.patch
+
+	# Rewind in camel-disco-diary to fix a crash
+	epatch "${FILESDIR}"/${PN}-1.8.0-camel-rewind.patch
+
+	# Don't assume that endian.h and byteswap.h exist on all non sun os's
+	epatch "${FILESDIR}"/${PN}-2.21.90-icaltz-util.patch
+
+	# Don't error out if gtkdoc-rebase doesn't exist.
+	epatch "${FILESDIR}"/${PN}-2.21.4-gtkdoc-rebase.patch
+
+	# Fix building evo-exchange with --as-needed
+	epatch "${FILESDIR}"/${PN}-2.21.4-as-needed.patch
+
+	# Fix automatic mail delete after X days, upstream bug #514827
+	epatch "${FILESDIR}"/${P}-mail-cleanup-delay.patch
+
+	# Fix calculation of weekday, upstream bug #548268
+	epatch "${FILESDIR}"/${P}-timezone-western.patch
+
+	# Fix S/MIME verification.  Bug #258867
+	epatch "${FILESDIR}"/${P}-CVE-2009-0547.patch
+
+
+	# gtk-doc-am and gnome-common needed for this
+	eautoreconf
+}
+
+src_compile() {
+	# Use NSS/NSPR only if 'ssl' is enabled.
+	if use ssl ; then
+		sed -i -e "s|mozilla-nss|nss|
+		s|mozilla-nspr|nspr|" "${S}"/configure
+		G2CONF="${G2CONF} --enable-nss=yes"
+	else
+		G2CONF="${G2CONF} --without-nspr-libs --without-nspr-includes \
+		--without-nss-libs --without-nss-includes"
+	fi
+
+	# /usr/include/db.h is always db-1 on FreeBSD
+	# so include the right dir in CPPFLAGS
+	append-cppflags "-I$(db_includedir)"
+
+	cd "${S}"
+	gnome2_src_compile
+}
diff --git a/gnome-extra/evolution-data-server/evolution-data-server-2.24.5-r1.ebuild b/gnome-extra/evolution-data-server/evolution-data-server-2.24.5-r1.ebuild
new file mode 100644
index 000000000000..fc3e6bcd9e85
--- /dev/null
+++ b/gnome-extra/evolution-data-server/evolution-data-server-2.24.5-r1.ebuild
@@ -0,0 +1,134 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/gnome-extra/evolution-data-server/evolution-data-server-2.24.5-r1.ebuild,v 1.1 2009/03/07 20:54:16 dang Exp $
+
+inherit db-use eutils flag-o-matic gnome2 autotools versionator
+
+DESCRIPTION="Evolution groupware backend"
+HOMEPAGE="http://www.gnome.org/projects/evolution/"
+
+LICENSE="LGPL-2 Sleepycat"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+IUSE="doc ipv6 kerberos gnome-keyring krb4 ldap ssl"
+
+RDEPEND=">=dev-libs/glib-2.16.1
+	>=x11-libs/gtk+-2.10
+	>=gnome-base/orbit-2.9.8
+	>=gnome-base/libbonobo-2.20.3
+	>=gnome-base/gconf-2
+	>=gnome-base/libglade-2
+	>=gnome-base/libgnome-2
+	>=dev-libs/libxml2-2
+	>=net-libs/libsoup-2.4
+	gnome-keyring? ( >=gnome-base/gnome-keyring-2.20.1 )
+	>=dev-db/sqlite-3.5
+	ssl? (
+		>=dev-libs/nspr-4.4
+		>=dev-libs/nss-3.9 )
+	>=gnome-base/libgnomeui-2
+	sys-libs/zlib
+	=sys-libs/db-4*
+	ldap? ( >=net-nds/openldap-2.0 )
+	kerberos? ( virtual/krb5 )
+	krb4? ( virtual/krb5 )"
+
+DEPEND="${RDEPEND}
+	>=dev-util/pkgconfig-0.9
+	>=dev-util/intltool-0.35.5
+	>=gnome-base/gnome-common-2
+	>=dev-util/gtk-doc-am-1.9
+	doc? ( >=dev-util/gtk-doc-1.9 )"
+
+DOCS="ChangeLog MAINTAINERS NEWS TODO"
+
+pkg_setup() {
+	G2CONF="${G2CONF}
+		$(use_with ldap openldap)
+		$(use_with kerberos krb5 /usr)
+		$(use_enable ssl nss)
+		$(use_enable ssl smime)
+		$(use_enable ipv6)
+		$(use_enable gnome-keyring)
+		--with-libdb=/usr/$(get_libdir)"
+
+	if use krb4 && ! built_with_use virtual/krb5 krb4; then
+		ewarn
+		ewarn "In order to add kerberos 4 support, you have to emerge"
+		ewarn "virtual/krb5 with the 'krb4' USE flag enabled as well."
+		ewarn
+		ewarn "Skipping for now."
+		ewarn
+		G2CONF="${G2CONF} --without-krb4"
+	else
+		G2CONF="${G2CONF} $(use_with krb4 krb4 /usr)"
+	fi
+
+}
+
+src_unpack() {
+	gnome2_src_unpack
+
+	# Adjust to gentoo's /etc/service
+	epatch "${FILESDIR}"/${PN}-1.2.0-gentoo_etc_services.patch
+
+	# Fix broken libdb build
+	epatch "${FILESDIR}"/${PN}-1.11.3-no-libdb.patch
+
+	# Rewind in camel-disco-diary to fix a crash
+	epatch "${FILESDIR}"/${PN}-1.8.0-camel-rewind.patch
+
+	# Fix building evo-exchange with --as-needed, upstream bug #342830
+	epatch "${FILESDIR}"/${PN}-2.23.6-as-needed.patch
+
+	# Fix S/MIME verification.  Bug #258867
+	epatch "${FILESDIR}"/${P}-CVE-2009-0547.patch
+
+	if use doc; then
+		sed "/^TARGET_DIR/i \GTKDOC_REBASE=/usr/bin/gtkdoc-rebase" -i gtk-doc.make
+	else
+		sed "/^TARGET_DIR/i \GTKDOC_REBASE=true" -i gtk-doc.make
+	fi
+
+	# gtk-doc-am and gnome-common needed for this
+	intltoolize --force --copy --automake || die "intltoolize failed"
+	eautoreconf
+}
+
+src_compile() {
+	# Use NSS/NSPR only if 'ssl' is enabled.
+	if use ssl ; then
+		sed -i -e "s|mozilla-nss|nss|
+		s|mozilla-nspr|nspr|" "${S}"/configure
+		G2CONF="${G2CONF} --enable-nss=yes"
+	else
+		G2CONF="${G2CONF} --without-nspr-libs --without-nspr-includes \
+		--without-nss-libs --without-nss-includes"
+	fi
+
+	# /usr/include/db.h is always db-1 on FreeBSD
+	# so include the right dir in CPPFLAGS
+	append-cppflags "-I$(db_includedir)"
+
+	cd "${S}"
+	gnome2_src_compile
+}
+
+src_install() {
+	gnome2_src_install
+
+	if use ldap; then
+		MY_MAJORV=$(get_version_component_range 1-2)
+		insinto /etc/openldap/schema
+		doins "${FILESDIR}"/calentry.schema
+		dosym "${D}"/usr/share/${PN}-${MY_MAJORV}/evolutionperson.schema /etc/openldap/schema/evolutionperson.schema
+	fi
+
+}
+
+pkg_postinst() {
+	if use ldap; then
+		elog ""
+		elog "LDAP schemas needed by evolution are installed in /etc/openldap/schema"
+	fi
+}
diff --git a/gnome-extra/evolution-data-server/files/evolution-data-server-2.22.3-CVE-2009-0547.patch b/gnome-extra/evolution-data-server/files/evolution-data-server-2.22.3-CVE-2009-0547.patch
new file mode 100644
index 000000000000..d7c1f6444879
--- /dev/null
+++ b/gnome-extra/evolution-data-server/files/evolution-data-server-2.22.3-CVE-2009-0547.patch
@@ -0,0 +1,107 @@
+diff --exclude-from=/home/dang/.scripts/diffrc -up -ruN evolution-data-server-2.22.3.orig/camel/camel-smime-context.c evolution-data-server-2.22.3/camel/camel-smime-context.c
+--- evolution-data-server-2.22.3.orig/camel/camel-smime-context.c	2008-04-04 05:01:59.000000000 -0400
++++ evolution-data-server-2.22.3/camel/camel-smime-context.c	2009-03-07 15:44:47.000000000 -0500
+@@ -40,6 +40,7 @@
+ #include <smime.h>
+ #include <pkcs11t.h>
+ #include <pk11func.h>
++#include <secoid.h>
+ 
+ #include <errno.h>
+ 
+@@ -534,6 +535,7 @@ sm_verify_cmsg(CamelCipherContext *conte
+ 	for (i = 0; i < count; i++) {
+ 		NSSCMSContentInfo *cinfo = NSS_CMSMessage_ContentLevel(cmsg, i);
+ 		SECOidTag typetag = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
++		int which_digest;
+ 
+ 		switch (typetag) {
+ 		case SEC_OID_PKCS7_SIGNED_DATA:
+@@ -543,45 +545,50 @@ sm_verify_cmsg(CamelCipherContext *conte
+ 				goto fail;
+ 			}
+ 
+-			/* need to build digests of the content */
+-			if (!NSS_CMSSignedData_HasDigests(sigd)) {
+-				if (extstream == NULL) {
+-					camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Digests missing from enveloped data"));
+-					goto fail;
+-				}
+-
+-				if ((poolp = PORT_NewArena(1024)) == NULL) {
+-					camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, g_strerror (ENOMEM));
+-					goto fail;
+-				}
+-
+-				digestalgs = NSS_CMSSignedData_GetDigestAlgs(sigd);
+ 
+-				digcx = NSS_CMSDigestContext_StartMultiple(digestalgs);
+-				if (digcx == NULL) {
+-					camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot calculate digests"));
+-					goto fail;
+-				}
+-
+-				mem = (CamelStreamMem *)camel_stream_mem_new();
+-				camel_stream_write_to_stream(extstream, (CamelStream *)mem);
+-				NSS_CMSDigestContext_Update(digcx, mem->buffer->data, mem->buffer->len);
+-				camel_object_unref(mem);
+-
+-				if (NSS_CMSDigestContext_FinishMultiple(digcx, poolp, &digests) != SECSuccess) {
+-					camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot calculate digests"));
+-					goto fail;
+-				}
+-
+-				if (NSS_CMSSignedData_SetDigests(sigd, digestalgs, digests) != SECSuccess) {
+-					camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot set message digests"));
+-					goto fail;
+-				}
+-
+-				PORT_FreeArena(poolp, PR_FALSE);
+-				poolp = NULL;
++			if (extstream == NULL) {
++				set_nss_error (ex, _("Digests missing from enveloped data"));
++  				goto fail;
+ 			}
+-
++  
++			if ((poolp = PORT_NewArena(1024)) == NULL) {
++				set_nss_error (ex, g_strerror (ENOMEM));
++				goto fail;
++  			}
++ 
++			digestalgs = NSS_CMSSignedData_GetDigestAlgs(sigd);
++			
++			digcx = NSS_CMSDigestContext_StartMultiple(digestalgs);
++			if (digcx == NULL) {
++				set_nss_error (ex, _("Cannot calculate digests"));
++				goto fail;
++			}
++  
++			mem = (CamelStreamMem *)camel_stream_mem_new();
++			camel_stream_write_to_stream(extstream, (CamelStream *)mem);
++			NSS_CMSDigestContext_Update(digcx, mem->buffer->data, mem->buffer->len);
++			camel_object_unref(mem);
++  
++			if (NSS_CMSDigestContext_FinishMultiple(digcx, poolp, &digests) != SECSuccess) {
++				set_nss_error (ex, _("Cannot calculate digests"));
++				goto fail;
++			}
++  
++			for (which_digest = 0; digests[which_digest] != NULL; which_digest++) {
++				SECOidData *digest_alg = SECOID_FindOID (&digestalgs[which_digest]->algorithm);
++				if (digest_alg == NULL) {
++					set_nss_error (ex, _("Cannot set message digests"));
++  					goto fail;
++  				}
++				if (NSS_CMSSignedData_SetDigestValue (sigd, digest_alg->offset, digests[which_digest]) != SECSuccess) {
++					set_nss_error (ex, _("Cannot set message digests"));
++					goto fail;
++  				}
++  			}
++  
++			PORT_FreeArena(poolp, PR_FALSE);
++			poolp = NULL;
++			
+ 			/* import all certificates present */
+ 			if (NSS_CMSSignedData_ImportCerts(sigd, p->certdb, certUsageEmailSigner, PR_TRUE) != SECSuccess) {
+ 				camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Certificate import failed"));
diff --git a/gnome-extra/evolution-data-server/files/evolution-data-server-2.24.5-CVE-2009-0547.patch b/gnome-extra/evolution-data-server/files/evolution-data-server-2.24.5-CVE-2009-0547.patch
new file mode 100644
index 000000000000..d523704e362a
--- /dev/null
+++ b/gnome-extra/evolution-data-server/files/evolution-data-server-2.24.5-CVE-2009-0547.patch
@@ -0,0 +1,105 @@
+diff --exclude-from=/home/dang/.scripts/diffrc -up -ruN evolution-data-server-2.24.5.orig/camel/camel-smime-context.c evolution-data-server-2.24.5/camel/camel-smime-context.c
+--- evolution-data-server-2.24.5.orig/camel/camel-smime-context.c	2008-09-22 06:53:58.000000000 -0400
++++ evolution-data-server-2.24.5/camel/camel-smime-context.c	2009-03-07 14:52:57.000000000 -0500
+@@ -40,6 +40,7 @@
+ #include <smime.h>
+ #include <pkcs11t.h>
+ #include <pk11func.h>
++#include <secoid.h>
+ 
+ #include <errno.h>
+ 
+@@ -534,6 +535,7 @@ sm_verify_cmsg(CamelCipherContext *conte
+ 	for (i = 0; i < count; i++) {
+ 		NSSCMSContentInfo *cinfo = NSS_CMSMessage_ContentLevel(cmsg, i);
+ 		SECOidTag typetag = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
++		int which_digest;
+ 
+ 		switch (typetag) {
+ 		case SEC_OID_PKCS7_SIGNED_DATA:
+@@ -543,44 +545,49 @@ sm_verify_cmsg(CamelCipherContext *conte
+ 				goto fail;
+ 			}
+ 
+-			/* need to build digests of the content */
+-			if (!NSS_CMSSignedData_HasDigests(sigd)) {
+-				if (extstream == NULL) {
+-					camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Digests missing from enveloped data"));
+-					goto fail;
+-				}
+-
+-				if ((poolp = PORT_NewArena(1024)) == NULL) {
+-					camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, g_strerror (ENOMEM));
+-					goto fail;
+-				}
+-
+-				digestalgs = NSS_CMSSignedData_GetDigestAlgs(sigd);
+-				
+-				digcx = NSS_CMSDigestContext_StartMultiple(digestalgs);
+-				if (digcx == NULL) {
+-					camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot calculate digests"));
+-					goto fail;
+-				}
+-
+-				mem = (CamelStreamMem *)camel_stream_mem_new();
+-				camel_stream_write_to_stream(extstream, (CamelStream *)mem);
+-				NSS_CMSDigestContext_Update(digcx, mem->buffer->data, mem->buffer->len);
+-				camel_object_unref(mem);
+-
+-				if (NSS_CMSDigestContext_FinishMultiple(digcx, poolp, &digests) != SECSuccess) {
+-					camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot calculate digests"));
+-					goto fail;
+-				}
+-
+-				if (NSS_CMSSignedData_SetDigests(sigd, digestalgs, digests) != SECSuccess) {
+-					camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot set message digests"));
+-					goto fail;
+-				}
+ 
+-				PORT_FreeArena(poolp, PR_FALSE);
+-				poolp = NULL;
++			if (extstream == NULL) {
++				set_nss_error (ex, _("Digests missing from enveloped data"));
++  				goto fail;
++			}
++  
++			if ((poolp = PORT_NewArena(1024)) == NULL) {
++				set_nss_error (ex, g_strerror (ENOMEM));
++				goto fail;
+ 			}
++ 
++			digestalgs = NSS_CMSSignedData_GetDigestAlgs(sigd);
++			
++			digcx = NSS_CMSDigestContext_StartMultiple(digestalgs);
++			if (digcx == NULL) {
++				set_nss_error (ex, _("Cannot calculate digests"));
++				goto fail;
++			}
++  
++			mem = (CamelStreamMem *)camel_stream_mem_new();
++			camel_stream_write_to_stream(extstream, (CamelStream *)mem);
++			NSS_CMSDigestContext_Update(digcx, mem->buffer->data, mem->buffer->len);
++			camel_object_unref(mem);
++  
++			if (NSS_CMSDigestContext_FinishMultiple(digcx, poolp, &digests) != SECSuccess) {
++				set_nss_error (ex, _("Cannot calculate digests"));
++				goto fail;
++			}
++  
++			for (which_digest = 0; digests[which_digest] != NULL; which_digest++) {
++				SECOidData *digest_alg = SECOID_FindOID (&digestalgs[which_digest]->algorithm);
++				if (digest_alg == NULL) {
++					set_nss_error (ex, _("Cannot set message digests"));
++  					goto fail;
++  				}
++				if (NSS_CMSSignedData_SetDigestValue (sigd, digest_alg->offset, digests[which_digest]) != SECSuccess) {
++					set_nss_error (ex, _("Cannot set message digests"));
++					goto fail;
++  				}
++  			}
++  
++			PORT_FreeArena(poolp, PR_FALSE);
++			poolp = NULL;
+ 
+ 			/* import all certificates present */
+ 			if (NSS_CMSSignedData_ImportCerts(sigd, p->certdb, certUsageEmailSigner, PR_TRUE) != SECSuccess) {
author	Daniel Gryniewicz <dang@gentoo.org>	2009-03-07 20:54:16 +0000
committer	Daniel Gryniewicz <dang@gentoo.org>	2009-03-07 20:54:16 +0000
commit	e856252a96b23c7f341a4d217099a4997dedea12 (patch)
tree	e898ed928cdde5158c0f832f80c13b03488e15b0 /gnome-extra/evolution-data-server
parent	Migrate to EAPI 2. (diff)
download	historical-e856252a96b23c7f341a4d217099a4997dedea12.tar.gz historical-e856252a96b23c7f341a4d217099a4997dedea12.tar.bz2 historical-e856252a96b23c7f341a4d217099a4997dedea12.zip