diff options
Diffstat (limited to 'net-libs/rest')
4 files changed, 161 insertions, 0 deletions
diff --git a/net-libs/rest/Manifest b/net-libs/rest/Manifest index 3c1ff9be232d..ba64327fbd7a 100644 --- a/net-libs/rest/Manifest +++ b/net-libs/rest/Manifest @@ -1,5 +1,8 @@ +AUX 0001-rest_proxy_call_sync-bail-out-if-no-payload.patch 1498 BLAKE2B be8a629fb8fb01a909a05d5c2ae14fe9eb1ec508e18f58691ec65979c5cc72b7f5298912e5aba42669c840c627f467aa938171c51b838e360efe8f13fd98a5db SHA512 72c7e8750802b5a5cb99e45cb68a6419c6794a88b858c9729a3317db07def03351c2ec5b13dac17e495c9b84871f97401d61a573b2896d9c981b96a3f898d070 +AUX 0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch 1676 BLAKE2B 07cbdc3d6d5d7388186ea785bd1c032a6cb5597b9dfdd43a21d1f4e63bc12bbfa15b2b5c09d29602493dd7f56fcce8eaf9a7a99672d4611556781e310549cea9 SHA512 acc3241b93e8c06a9f6ee05daba20cc4b6f6360642132964b25ca6d81a0acd520e1baf820a18a0df7c21f520a6dd5c3063257fd9b619c74137f94428f562bccd DIST rest-0.8.1.tar.xz 333376 BLAKE2B 595576f29ebe35121b7a896086abd3411ac3b2d324d2e50d646274c4060cfaffbd3b701eaae80afdc60d52c77bb5076135064648536378f2562f27c79c5738b7 SHA512 824a341db3827e4360abe03e33735918c68913c70d797699ef74271080a1985872006ec70fd994dc8fa3fbfef417e6fe979883c11286512d0ce623b8368e40c3 DIST rest-0.9.1.tar.xz 71136 BLAKE2B 696a43db8a05d90cd2cb86cb2ffe22a817c7b0565c1e90e2508b0dffd3824fa46afef78c039d8911dc50f93c0afe1efbc783676c677b71bb7a2b5ad9ac5a1a26 SHA512 7fb219f571aec2b8d09d71e257e2b230bfb5c862e7e425fd540c96f6e2a22457df7d3df32838d71beec00ba54c7adbd0301d744bb0497c46b3a1413949304462 EBUILD rest-0.8.1-r1.ebuild 1483 BLAKE2B fd647f2cc7b7e945644118a38d98035373188fc2839bda61e4ef72d484731be4179e48c7b043240b7e529597165ab29c38e06c18f1153cf2a2bc3b3a32998504 SHA512 d6035981ef8410bb5b593606d567b2ea4c837941e8b3ad32cb8cf7b283d4be055cdb4d0ad40a7e7b26aa464cbdff8c868cbf1aeadae4f17ba6a0ef4b9df20c6e +EBUILD rest-0.9.1-r1.ebuild 1679 BLAKE2B 2c8221a6e44f58b377bbb99609963262b4b55def551a7ca7da841329204e611713b29053373d91facd4843f4b06312a1c6eef336a7428173572e2068289c96cc SHA512 0f2bab134efce4750e720ec06dc1d65f08ec2ed6eeadaff9b3946e714e58e6cd7f32ac348928b900c7ab6b9cb7f72ab649f86e7d6364ef2e0946885e6f073c62 EBUILD rest-0.9.1.ebuild 1368 BLAKE2B 12a45783e429d5f3b80b65846217cd4bec0b550639183239fef149180726f4aed1c03a96ad1a9e0372176027d9d7896eabc24319c632d504f31af47eb6b37bfd SHA512 ba4d53269f1c427930c47460ccc14006f84cefd1d6c06082a65fcdcca4deb0b7efc24c19412661f87da992582157090b1a17dc943736612266a92aa2b8fe45b8 MISC metadata.xml 348 BLAKE2B aa9355d4d476aa865a65356707ef1264225ac5bec69af9ca70ed3ebbfe4a5745d8338f9799bd4636f65537d443328a6a4cc9fddd52ab8e88905e9cddff99ee2b SHA512 ac333dd016d4347bd6b342f2cc335254e53029c0db2f954b1ba8e9dfda4803785244a2dd149fde180f2b08271d53b84cbfbf5d5398feb85719e8a20b7672d3c0 diff --git a/net-libs/rest/files/0001-rest_proxy_call_sync-bail-out-if-no-payload.patch b/net-libs/rest/files/0001-rest_proxy_call_sync-bail-out-if-no-payload.patch new file mode 100644 index 000000000000..14e41ba17174 --- /dev/null +++ b/net-libs/rest/files/0001-rest_proxy_call_sync-bail-out-if-no-payload.patch @@ -0,0 +1,40 @@ +From fbad64abe28a96f591a30e3a5d3189c10172a414 Mon Sep 17 00:00:00 2001 +From: Adam Williamson <awilliam@redhat.com> +Date: Tue, 30 Aug 2022 10:03:57 -0700 +Subject: [PATCH 1/2] rest_proxy_call_sync: bail out if no payload + +goa-daemon is crashing on suspend/resume with a traceback that +points here: it calls rest_proxy_call_sync, that calls +_rest_proxy_send_message, assumes it gets a `payload` back, +and calls `finish_call` with it. However, it's not actually +guaranteed that `_rest_proxy_send_message` will return a payload +(a `GBytes`). There are three ways it can return `NULL` instead: +if it's passed a wrong proxy or message, or - when built against +libsoup3 - if there is an error sending the message (it passes +through the return value of `soup_session_send_and_read`, and +that's documented to be `NULL` on error). + +If `payload` comes back `NULL`, let's just return `FALSE`, like +we do if there's a problem with the call or message. + +Signed-off-by: Adam Williamson <awilliam@redhat.com> +--- + rest/rest-proxy-call.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/rest/rest-proxy-call.c b/rest/rest-proxy-call.c +index 851b397..07b8b49 100644 +--- a/rest/rest-proxy-call.c ++++ b/rest/rest-proxy-call.c +@@ -1428,6 +1428,8 @@ rest_proxy_call_sync (RestProxyCall *call, + return FALSE; + + payload = _rest_proxy_send_message (priv->proxy, message, priv->cancellable, error_out); ++ if (!payload) ++ return FALSE; + + ret = finish_call (call, message, payload, error_out); + +-- +2.37.1 + diff --git a/net-libs/rest/files/0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch b/net-libs/rest/files/0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch new file mode 100644 index 000000000000..f437c7d9e74d --- /dev/null +++ b/net-libs/rest/files/0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch @@ -0,0 +1,52 @@ +From 49c2d0ac00b959ce53cc00ca4e7758c21085722f Mon Sep 17 00:00:00 2001 +From: Adam Williamson <awilliam@redhat.com> +Date: Tue, 30 Aug 2022 10:59:01 -0700 +Subject: [PATCH 2/2] Handle some potential problems in parsing oauth2 access + tokens + +It's possible for `_rest_proxy_send_message` to return `NULL`, +which would mean the `payload` here would be `NULL`. If so, +we're not going to be able to do anything, so we should just +bail out. + +It's also possible for `json_parser_load_from_data` to return +`FALSE` without setting an error. The most obvious way would be +if `data` was `NULL`, which the bailout avoids, but it could +also happen if we pass an invalid parser somehow. Let's just +handle that too, to be safe. + +Signed-off-by: Adam Williamson <awilliam@redhat.com> +--- + rest/rest-oauth2-proxy.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/rest/rest-oauth2-proxy.c b/rest/rest-oauth2-proxy.c +index 9511f97..a715b2b 100644 +--- a/rest/rest-oauth2-proxy.c ++++ b/rest/rest-oauth2-proxy.c +@@ -68,18 +68,21 @@ rest_oauth2_proxy_parse_access_token (RestOAuth2Proxy *self, + gsize size; + gint expires_in; + gint created_at; ++ gboolean ret; + + g_return_if_fail (REST_IS_OAUTH2_PROXY (self)); ++ g_return_if_fail (payload); + + data = g_bytes_get_data (payload, &size); + + parser = json_parser_new (); +- json_parser_load_from_data (parser, data, size, &error); ++ ret = json_parser_load_from_data (parser, data, size, &error); + if (error != NULL) + { + g_task_return_error (task, error); + return; + } ++ g_return_if_fail (ret); + + root = json_parser_get_root (parser); + root_object = json_node_get_object (root); +-- +2.37.1 + diff --git a/net-libs/rest/rest-0.9.1-r1.ebuild b/net-libs/rest/rest-0.9.1-r1.ebuild new file mode 100644 index 000000000000..5cabb1551b69 --- /dev/null +++ b/net-libs/rest/rest-0.9.1-r1.ebuild @@ -0,0 +1,66 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit gnome.org meson vala + +DESCRIPTION="Helper library for RESTful services" +HOMEPAGE="https://wiki.gnome.org/Projects/Librest" + +LICENSE="LGPL-2.1" +SLOT="1.0" # librest_soversion +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" +IUSE="gtk-doc +introspection test vala" +REQUIRED_USE=" + gtk-doc? ( introspection ) + vala? ( introspection ) +" +RESTRICT="!test? ( test )" + +RDEPEND=" + >=dev-libs/glib-2.44.0:2 + >=net-libs/libsoup-2.99.2:3.0 + dev-libs/json-glib:0[introspection?] + dev-libs/libxml2:2 + app-misc/ca-certificates + introspection? ( >=dev-libs/gobject-introspection-1.74.0:= ) +" +DEPEND="${RDEPEND}" +BDEPEND=" + dev-util/glib-utils + gtk-doc? ( >=dev-util/gi-docgen-2021.6 ) + vala? ( $(vala_depend) ) +" + +PATCHES=( + # Fix some crash paths exposed by the libsoup3 port + # https://gitlab.gnome.org/GNOME/librest/-/merge_requests/30 + "${FILESDIR}"/0001-rest_proxy_call_sync-bail-out-if-no-payload.patch + "${FILESDIR}"/0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch +) + +src_prepare() { + default + vala_setup + + # The only two tests from the rest-extras suite (flickr and lastfm) require + # network access + if has network-sandbox ${FEATURES}; then + sed -i -e '/flickr/d' -e '/lastfm/d' tests/meson.build + fi +} + +src_configure() { + local emesonargs=( + -Dca_certificates=true + -Dca_certificates_path="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt + $(meson_use introspection) + $(meson_use vala vapi) + -Dexamples=false + $(meson_use gtk-doc gtk_doc) + -Dsoup2=false + $(meson_use test tests) + ) + meson_src_configure +} |