* [gentoo-commits] gentoo-x86 commit in media-sound/mumble/files: mumble-1.2.3-fix-cert-validation.patch mumble-1.2.3-set-file-permissions.patch
@ 2012-02-16 2:07 Timo Gurr (tgurr)
0 siblings, 0 replies; 2+ messages in thread
From: Timo Gurr (tgurr) @ 2012-02-16 2:07 UTC (permalink / raw
To: gentoo-commits
tgurr 12/02/16 02:07:37
Added: mumble-1.2.3-fix-cert-validation.patch
mumble-1.2.3-set-file-permissions.patch
Log:
Revbump fixing security issue wrt bug #403939. Removing mDNSResponder wrt upcomming last rite. Added patch for Qt 4.8 SSL. EAPI bump. Remove old.
(Portage version: 2.2.0_alpha86/cvs/Linux x86_64)
Revision Changes Path
1.1 media-sound/mumble/files/mumble-1.2.3-fix-cert-validation.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-sound/mumble/files/mumble-1.2.3-fix-cert-validation.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-sound/mumble/files/mumble-1.2.3-fix-cert-validation.patch?rev=1.1&content-type=text/plain
Index: mumble-1.2.3-fix-cert-validation.patch
===================================================================
Description: Fix certificate validation with QT 4.8. For some reason, the
new on-demand root cert loading is not working with mumble.
Author: Marc Deslauriers <marc.deslauriers@canonical.com>
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/mumble/+bug/928296
diff -Naur mumble-1.2.3/src/SSL.cpp mumble-1.2.3.new/src/SSL.cpp
--- mumble-1.2.3/src/SSL.cpp 2011-02-19 22:35:16.000000000 +0100
+++ mumble-1.2.3.new/src/SSL.cpp 2012-02-16 02:45:20.353665502 +0100
@@ -252,6 +252,11 @@
QSslSocket::setDefaultCaCertificates(ql);
#endif // NO_SYSTEM_CA_OVERRIDE
+#if QT_VERSION >= 0x040800
+ // Don't perform on-demand loading of root certificates
+ QSslSocket::setDefaultCaCertificates(QSslSocket::systemCaCertificates());
+#endif
+
for (unsigned int i=0;i<sizeof(recommended_cas)/sizeof(recommended_cas[0]);++i) {
QSslCertificate cert(recommended_cas[i]);
if (! QSslSocket::defaultCaCertificates().contains(cert)) {
1.1 media-sound/mumble/files/mumble-1.2.3-set-file-permissions.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-sound/mumble/files/mumble-1.2.3-set-file-permissions.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-sound/mumble/files/mumble-1.2.3-set-file-permissions.patch?rev=1.1&content-type=text/plain
Index: mumble-1.2.3-set-file-permissions.patch
===================================================================
From 5632c35d6759f5e13a7dfe78e4ee6403ff6a8e3e Mon Sep 17 00:00:00 2001
From: Thorvald Natvig <slicer@users.sourceforge.net>
Date: Fri, 27 May 2011 16:59:15 -0700
Subject: [PATCH] Explicitly remove file permissions for settings and DB
---
src/mumble/Database.cpp | 5 +++++
src/mumble/Settings.cpp | 11 +++++++++++
2 files changed, 16 insertions(+), 0 deletions(-)
diff --git a/src/mumble/Database.cpp b/src/mumble/Database.cpp
index 5449fbe..8c3854f 100644
--- a/src/mumble/Database.cpp
+++ b/src/mumble/Database.cpp
@@ -94,6 +94,11 @@
qWarning("Database: Database is read-only");
}
+ {
+ QFile f(db.databaseName());
+ f.setPermissions(f.permissions() & ~(QFile::ReadGroup | QFile::WriteGroup | QFile::ExeGroup | QFile::ReadOther | QFile::WriteOther | QFile::ExeOther));
+ }
+
QSqlQuery query;
query.exec(QLatin1String("CREATE TABLE IF NOT EXISTS `servers` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `name` TEXT, `hostname` TEXT, `port` INTEGER DEFAULT " MUMTEXT(DEFAULT_MUMBLE_PORT) ", `username` TEXT, `password` TEXT)"));
diff --git a/src/mumble/Settings.cpp b/src/mumble/Settings.cpp
index 404692b..b5e9202 100644
--- a/src/mumble/Settings.cpp
+++ b/src/mumble/Settings.cpp
@@ -716,6 +716,17 @@ void OverlaySettings::save() {
void OverlaySettings::save(QSettings* settings_ptr) {
OverlaySettings def;
+ settings_ptr->setValue(QLatin1String("version"), QLatin1String(MUMTEXT(MUMBLE_VERSION_STRING)));
+ settings_ptr->sync();
+
+#if defined(Q_OS_WIN) || defined(Q_OS_MAC)
+ if (settings_ptr->format() == QSettings::IniFormat)
+#endif
+ {
+ QFile f(settings_ptr->fileName());
+ f.setPermissions(f.permissions() & ~(QFile::ReadGroup | QFile::WriteGroup | QFile::ExeGroup | QFile::ReadOther | QFile::WriteOther | QFile::ExeOther));
+ }
+
SAVELOAD(bEnable, "enable");
SAVELOAD(osShow, "show");
--
1.7.5.4
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [gentoo-commits] gentoo-x86 commit in media-sound/mumble/files: mumble-1.2.3-fix-cert-validation.patch mumble-1.2.3-set-file-permissions.patch
@ 2013-11-17 23:59 Timo Gurr (tgurr)
0 siblings, 0 replies; 2+ messages in thread
From: Timo Gurr (tgurr) @ 2013-11-17 23:59 UTC (permalink / raw
To: gentoo-commits
tgurr 13/11/17 23:59:11
Removed: mumble-1.2.3-fix-cert-validation.patch
mumble-1.2.3-set-file-permissions.patch
Log:
Remove old.
(Portage version: 2.2.7/cvs/Linux x86_64, signed Manifest commit with key 5270BA51)
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2013-11-17 23:59 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-02-16 2:07 [gentoo-commits] gentoo-x86 commit in media-sound/mumble/files: mumble-1.2.3-fix-cert-validation.patch mumble-1.2.3-set-file-permissions.patch Timo Gurr (tgurr)
-- strict thread matches above, loose matches on Subject: below --
2013-11-17 23:59 Timo Gurr (tgurr)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox