.gitignore

@@ -1 +1 @@
-SOURCES/rabbitmq-c-0.11.0-a64c08c.tar.gz
+SOURCES/v0.9.0.tar.gz

.librabbitmq.metadata

@@ -1 +1 @@
-e7821abf0fac22b7e6505f01943e64b16d9de2ab SOURCES/rabbitmq-c-0.11.0-a64c08c.tar.gz
+0709ef3c9906bd13158d3f9b11f1666bb3903f1d SOURCES/v0.9.0.tar.gz

SOURCES/rabbitmq-c-0.9.0-CVE-2019-18609.patch

@@ -0,0 +1,28 @@
+diff -up rabbitmq-c-0.9.0/librabbitmq/amqp_connection.c.CVE-2019-18609 rabbitmq-c-0.9.0/librabbitmq/amqp_connection.c
+--- rabbitmq-c-0.9.0/librabbitmq/amqp_connection.c.CVE-2019-18609	2020-04-06 15:10:07.002386201 +0200
++++ rabbitmq-c-0.9.0/librabbitmq/amqp_connection.c	2020-04-06 15:17:03.624425371 +0200
+@@ -287,12 +287,21 @@ int amqp_handle_input(amqp_connection_st
+     case CONNECTION_STATE_HEADER: {
+       amqp_channel_t channel;
+       amqp_pool_t *channel_pool;
+-      /* frame length is 3 bytes in */
++      uint32_t frame_size;
++
+       channel = amqp_d16(amqp_offset(raw_frame, 1));
+ 
+-      state->target_size =
+-          amqp_d32(amqp_offset(raw_frame, 3)) + HEADER_SIZE + FOOTER_SIZE;
++      /* frame length is 3 bytes in */
++      frame_size = amqp_d32(amqp_offset(raw_frame, 3));
++      /* To prevent the target_size calculation below from overflowing, check
++       * that the stated frame_size is smaller than a signed 32-bit. Given
++       * the library only allows configuring frame_max as an int32_t, and
++       * frame_size is uint32_t, the math below is safe from overflow. */
++      if (frame_size >= INT32_MAX) {
++        return AMQP_STATUS_BAD_AMQP_DATA;
++      }
+ 
++      state->target_size = frame_size + HEADER_SIZE + FOOTER_SIZE;
+       if ((size_t)state->frame_max < state->target_size) {
+         return AMQP_STATUS_BAD_AMQP_DATA;
+       }

SOURCES/rabbitmq-c-static.patch

@@ -1,41 +0,0 @@
-From a8c05cb16afbf852fc584f2c2d31d2f7f0e3a48d Mon Sep 17 00:00:00 2001
-From: Remi Collet <remi@remirepo.net>
-Date: Thu, 1 Apr 2021 11:21:36 +0200
-Subject: [PATCH] add option to install or not the static library
-
----
- CMakeLists.txt             | 1 +
- librabbitmq/CMakeLists.txt | 8 +++++---
- 2 files changed, 6 insertions(+), 3 deletions(-)
-
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index a9a29fdd..a7cf8f2c 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -245,6 +245,7 @@ endif()
- 
- option(BUILD_SHARED_LIBS "Build rabbitmq-c as a shared library" ON)
- option(BUILD_STATIC_LIBS "Build rabbitmq-c as a static library" ON)
-+option(INSTALL_STATIC_LIBS "Install rabbitmq-c static library" ON)
- 
- option(BUILD_EXAMPLES "Build Examples" ON)
- option(BUILD_TOOLS "Build Tools (requires POPT Library)" ${POPT_FOUND})
-diff --git a/librabbitmq/CMakeLists.txt b/librabbitmq/CMakeLists.txt
-index d8dcd262..72b4a875 100644
---- a/librabbitmq/CMakeLists.txt
-+++ b/librabbitmq/CMakeLists.txt
-@@ -154,9 +154,11 @@ if (BUILD_STATIC_LIBS)
-         set_target_properties(rabbitmq-static PROPERTIES VERSION ${RMQ_VERSION} SOVERSION ${RMQ_SOVERSION} OUTPUT_NAME rabbitmq)
-     endif (WIN32)
- 
--    install(TARGETS rabbitmq-static EXPORT "${targets_export_name}"
--        ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}
--        )
-+    if (INSTALL_STATIC_LIBS)
-+        install(TARGETS rabbitmq-static EXPORT "${targets_export_name}"
-+            ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}
-+            )
-+    endif (INSTALL_STATIC_LIBS)
- 
-     if (NOT DEFINED RMQ_LIBRARY_TARGET)
-         set(RMQ_LIBRARY_TARGET rabbitmq-static)

SOURCES/rabbitmq-c-version.patch

@@ -1,25 +0,0 @@
-From 2a9ae303f7fa7bc115ecb827c1c3c7c9f84558dd Mon Sep 17 00:00:00 2001
-From: Remi Collet <remi@remirepo.net>
-Date: Thu, 1 Apr 2021 14:48:25 +0200
-Subject: [PATCH] Fix #666 bad PACKAGE_VERSION
-
----
- CMakeLists.txt | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index a9a29fd..74364cf 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -322,7 +322,7 @@ set(version_config "${CMAKE_CURRENT_BINARY_DIR}/rabbitmq-c-config-version.cmake"
- 
- write_basic_package_version_file(
-     "${version_config}"
--    VERSION ${RMQ_VERSION}
-+    VERSION ${VERSION}
-     COMPATIBILITY AnyNewerVersion)
- 
- configure_package_config_file(
--- 
-2.30.2
-

SPECS/librabbitmq.spec

@@ -1,45 +1,29 @@
 # Fedora spec file for librabbitmq
 #
-# Copyright (c) 2012-2021 Remi Collet
+# Copyright (c) 2012-2018 Remi Collet
 # License: CC-BY-SA
 # http://creativecommons.org/licenses/by-sa/4.0/
 #
 # Please, preserve the changelog entries
 #
 
-%bcond_without      tests
+Name:      librabbitmq
-
-%global gh_commit   a64c08c68aff34d49a2ac152f04988cd921084f9
-%global gh_short    %(c=%{gh_commit}; echo ${c:0:7})
-%global gh_owner    alanxz
-%global gh_project  rabbitmq-c
-%global libname     librabbitmq
-%global soname      4
-
-Name:      %{libname}
 Summary:   Client library for AMQP
-Version:   0.11.0
+Version:   0.9.0
-Release:   7%{?dist}
+Release:   4%{?dist}
 License:   MIT
 URL:       https://github.com/alanxz/rabbitmq-c
-
+Source0:   https://github.com/alanxz/rabbitmq-c/archive/v%{version}.tar.gz
-Source0:   https://github.com/%{gh_owner}/%{gh_project}/archive/%{gh_commit}/%{gh_project}-%{version}-%{gh_short}.tar.gz
+Patch0:    rabbitmq-c-0.9.0-CVE-2019-18609.patch
-
+Patch1:    rabbitmq-c-CVE-2023-35789.patch
-# don't install static library
-Patch0:    %{gh_project}-static.patch
-# fix version for cmake module
-Patch1:    %{gh_project}-version.patch
-# CVE-2023-35789
-Patch2:     rabbitmq-c-CVE-2023-35789.patch
 
 BuildRequires: gcc
 BuildRequires: cmake > 2.8
 BuildRequires: openssl-devel
 # For tools
-BuildRequires: popt-devel > 1.14
+BuildRequires: popt-devel
 # For man page
 BuildRequires: xmlto
-BuildRequires: make
 
 
 %description
@@ -72,10 +56,9 @@ amqp-publish        Publish a message on an AMQP server
 
 
 %prep
-%setup -q -n %{gh_project}-%{gh_commit}
+%setup -q -n rabbitmq-c-%{version}
-%patch -P0 -p1
+%patch0 -p1 -b .CVE-2019-18609
-%patch -P1 -p1
+%patch1 -p1 -b .CVE-2023-35789
-%patch -P2 -p1
 
 # Copy sources to be included in -devel docs.
 cp -pr examples Examples
@@ -83,64 +66,40 @@ cp -pr examples Examples
 # This test requires a running server
 sed -e '/test_basic/d' -i tests/CMakeLists.txt
 
-
 %build
 # static lib required for tests
 %cmake \
   -DBUILD_TOOLS_DOCS:BOOL=ON \
-%if %{with tests}
+  -DBUILD_STATIC_LIBS:BOOL=ON
-  -DINSTALL_STATIC_LIBS:BOOL=OFF \
-%else
-  -DBUILD_TESTS:BOOL=OFF \
-  -DBUILD_STATIC_LIBS:BOOL=OFF \
-%endif
-  -S .
 
-%if 0%{?cmake_build:1}
-%cmake_build
-%else
 make %{_smp_mflags}
-%endif
 
 
 %install
-%if 0%{?cmake_install:1}
-%cmake_install
-%else
 make install  DESTDIR="%{buildroot}"
-%endif
+
+rm %{buildroot}%{_libdir}/%{name}.a
 
 
 %check
 : check .pc is usable
-grep @ %{buildroot}%{_libdir}/pkgconfig/librabbitmq.pc && exit 1
+grep @ %{buildroot}%{_libdir}/pkgconfig/%{name}.pc && exit 1
-: check cmake files are usable
-grep static %{buildroot}%{_libdir}/cmake/rabbitmq-c/*.cmake && exit 1
 
-%if %{with tests}
 : upstream tests
-%if 0%{?ctest:1}
-%ctest
-%else
 make test
-%endif
-%else
-: Tests disabled
-%endif
 
 
 %files
 %license LICENSE-MIT
-%{_libdir}/%{libname}.so.%{soname}*
+%{_libdir}/%{name}.so.*
 
 
 %files devel
 %doc AUTHORS THANKS TODO *.md
 %doc Examples
-%{_libdir}/%{libname}.so
+%{_libdir}/%{name}.so
 %{_includedir}/amqp*
-%{_libdir}/pkgconfig/%{libname}.pc
+%{_libdir}/pkgconfig/%{name}.pc
-%{_libdir}/cmake/rabbitmq-c
 
 %files tools
 %{_bindir}/amqp-*
@@ -149,59 +108,16 @@ make test
 
 
 %changelog
-* Fri Jun 23 2023 Than Ngo <than@redhat.com> - 0.11.0-7
+* Fri Jun 23 2023 Than Ngo <than@redhat.com> - 0.9.0-4
-- add missing gating.yaml
+- Resolves: #2215765, insecure credentials submission
-- fix rpminspect issue
-Related: #2215766
 
-* Fri Jun 23 2023 Than Ngo <than@redhat.com> - 0.11.0-6
+* Tue Sep 29 2020 Than Ngo <than@redhat.com> - 0.9.0-3
-- Resolves: #2215766, insecure credentials submission
+- Resolves: #1857831, rpmdiff
 
-* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.11.0-5
+* Mon Apr 06 2020 Than Ngo <than@redhat.com> - 0.9.0-2
-- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+- Resolves: #1809992, CVE-2019-18609
-  Related: rhbz#1991688
 
-* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.11.0-4
+* Thu Jun 28 2018 Than Ngo <than@redhat.com> - 0.9.0-1
-- Rebuilt for RHEL 9 BETA for openssl 3.0
-  Related: rhbz#1971065
-
-* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.11.0-3
-- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
-
-* Thu Apr  1 2021 Remi Collet <remi@remirepo.net> - 0.11.0-2
-- add patch to fix version in cmake file from
-  https://github.com/alanxz/rabbitmq-c/pull/667
-
-* Thu Apr  1 2021 Remi Collet <remi@remirepo.net> - 0.11.0-1
-- update to 0.11.0
-- add patch to not install the static library, from
-  https://github.com/alanxz/rabbitmq-c/pull/665
-
-* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.10.0-4
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
-
-* Thu Aug 13 2020 Remi Collet <remi@remirepo.net> - 0.10.0-3
-- fix cmake macros usage, FTBFS #1863670
-
-* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.10.0-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
-
-* Mon Dec  2 2019 Remi Collet <remi@remirepo.net> - 0.10.0-1
-- update to 0.10.0
-
-* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.0-4
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
-
-* Mon Feb  4 2019 Remi Collet <remi@remirepo.net> - 0.9.0-3
-- fix cmake invocation and FTBFS
-
-* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.0-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
-
-* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.0-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
-
-* Tue May 15 2018 Remi Collet <remi@remirepo.net> - 0.9.0-1
 - update to 0.9.0
 
 * Tue Feb 20 2018 Remi Collet <remi@remirepo.net> - 0.8.0-7