import UBI socat-1.7.4.4-8.el10

2025-05-14 17:55:28 +00:00
7 changed files with 196 additions and 20 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/socat-1.7.4.1.tar.gz
+socat-1.7.4.4.tar.gz
--- a/.socat.metadata
+++ b/.socat.metadata
@ -1 +0,0 @@
-9fe5a0a0b13dded556a66259b68eb672b900f1d1 SOURCES/socat-1.7.4.1.tar.gz
--- a/socat-1.7.3.3-warn.patch
+++ b/socat-1.7.3.3-warn.patch
@ -0,0 +1,43 @@
+diff -Naur socat-1.7.3.3-orig/sysutils.c socat-1.7.3.3/sysutils.c
+--- socat-1.7.3.3-orig/sysutils.c	2017-01-08 05:38:53.000000000 -0500
+++ socat-1.7.3.3/sysutils.c	2019-06-24 17:02:56.693056583 -0400
+@@ -614,7 +614,7 @@
+       return -1;
+    }
+ 
+-   strncpy(ifr.ifr_name, ifname, IFNAMSIZ);	/* ok */
+   strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);	/* ok */
+    if (Ioctl(s, SIOCGIFINDEX, &ifr) < 0) {
+       Info3("ioctl(%d, SIOCGIFINDEX, {\"%s\"}): %s",
+ 	     s, ifr.ifr_name, strerror(errno));
+diff -Naur socat-1.7.3.3-orig/xio-socket.c socat-1.7.3.3/xio-socket.c
+--- socat-1.7.3.3-orig/xio-socket.c	2017-01-08 04:56:00.000000000 -0500
+++ socat-1.7.3.3/xio-socket.c	2019-06-24 17:04:48.684491835 -0400
+@@ -1710,7 +1710,6 @@
+ int xiocheckpeer(xiosingle_t *xfd,
+ 		 union sockaddr_union *pa, union sockaddr_union *la) {
+    char infobuff[256];
+-   int result;
+ 
+ #if WITH_IP4
+    if (xfd->para.socket.dorange) {
+@@ -1778,6 +1777,7 @@
+ #endif /* WITH_TCP || WITH_UDP */
+ 
+ #if (WITH_TCP || WITH_UDP) && WITH_LIBWRAP
+   int result;
+    result = xio_tcpwrap_check(xfd, la, pa);
+    if (result < 0) {
+       char infobuff[256];
+diff -Naur socat-1.7.3.3-orig/xio-tun.c socat-1.7.3.3/xio-tun.c
+--- socat-1.7.3.3-orig/xio-tun.c	2017-01-06 15:58:40.000000000 -0500
+++ socat-1.7.3.3/xio-tun.c	2019-06-24 17:03:55.276797729 -0400
+@@ -106,7 +106,7 @@
+    memset(&ifr, 0,sizeof(ifr));
+ 
+    if (retropt_string(opts, OPT_TUN_NAME, &tunname) == 0) {
+-      strncpy(ifr.ifr_name, tunname, IFNAMSIZ);	/* ok */
+      strncpy(ifr.ifr_name, tunname, IFNAMSIZ - 1);	/* ok */
+       free(tunname);
+    } else {
+       ifr.ifr_name[0] = '\0';
--- a/socat-1.7.4.4-CVE-2024-54661.patch
+++ b/socat-1.7.4.4-CVE-2024-54661.patch
@ -0,0 +1,22 @@
+http://www.dest-unreach.org/socat/contrib/socat-secadv9.html
+
+--- socat-1.8.0.1/readline.sh	2019-04-04 10:59:55.000000000 +0200
+++ socat-1.8.0.2/readline.sh	2024-12-06 11:44:17.376502570 +0100
+@@ -22,9 +22,15 @@
+ else
+     HISTOPT=
+ fi
+-mkdir -p /tmp/$USER || exit 1
+ #
+ #
+ 
+-exec socat -d readline"$HISTOPT",noecho='[Pp]assword:' exec:"$PROGRAM",sigint,pty,setsid,ctty,raw,echo=0,stderr 2>/tmp/$USER/stderr2
+if test -w .; then
+    STDERR=./socat-readline.${1##*/}.log
+    rm -f $STDERR
+else
+    STDERR=/dev/null
+fi
+
+exec socat -d readline"$HISTOPT",noecho='[Pp]assword:' exec:"$PROGRAM",sigint,pty,setsid,ctty,raw,echo=0,stderr 2>$STDERR
+ 
--- a/socat-configure-c99.patch
+++ b/socat-configure-c99.patch
@ -0,0 +1,32 @@
+Include <openssl/err.h> for the ERR_error_string function.  This
+improves compatibility with future compilers which will not accept
+implicit funcction declarations by default.
+
+diff --git a/configure b/configure
+index fe4e606e91010520..694801b2a93659af 100755
+--- a/configure
+++ b/configure
+@@ -5199,6 +5199,8 @@ else
+       cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+ /* end confdefs.h.  */
+ #include <openssl/ssl.h>
+      #include <openssl/err.h>
+
+ int
+ main ()
+ {
+diff --git a/configure.ac b/configure.ac
+index 09dbb7a1e8d35c84..abd599c90e3ef0d7 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -559,7 +559,9 @@ if test -n "$WITH_OPENSSL" -a "$sc_cv_have_openssl_ssl_h" = 'yes'; then
+       else
+ 	LIBS="$LIBS -lssl -lcrypto"
+       fi
+-      AC_TRY_LINK([#include <openssl/ssl.h>],
+      AC_TRY_LINK([#include <openssl/ssl.h>
+      #include <openssl/err.h>
+      ],
+        [SSL_library_init();ERR_error_string()],
+        [sc_cv_have_libssl='yes'],
+        [ LIBS="$LIBS -lcrypto"
--- a/SPECS/socat.spec
+++ b/SPECS/socat.spec
@ -2,13 +2,18 @@

 Summary: Bidirectional data relay between two data channels ('netcat++')
 Name: socat
-Version: 1.7.4.1
-Release: 1%{?dist}
-License: GPLv2
+Version: 1.7.4.4
+Release: 8%{?dist}
+License: GPL-2.0-only
 Url:  http://www.dest-unreach.org/socat/
 Source: http://www.dest-unreach.org/socat/download/%{name}-%{version}.tar.gz
-Group: Applications/Internet

+Patch1: socat-1.7.3.3-warn.patch
+Patch2: socat-configure-c99.patch
+Patch3: socat-1.7.4.4-CVE-2024-54661.patch
+
+BuildRequires: make
+BuildRequires:  gcc
 BuildRequires: openssl-devel readline-devel ncurses-devel
 BuildRequires: autoconf kernel-headers > 2.6.18
 # for make test
@ -26,6 +31,7 @@ line editor (readline), a program, or a combination of two of these.
 %setup -q
 iconv -f iso8859-1 -t utf-8 CHANGES > CHANGES.utf8
 mv CHANGES.utf8 CHANGES
+%autopatch -p1

 %build
 %configure  \
@ -37,23 +43,27 @@ mv CHANGES.utf8 CHANGES
        --enable-listen --enable-proxy --enable-exec \
        --enable-system --enable-pty --enable-readline \
        --enable-openssl --enable-sycls --enable-filan \
-        --enable-retry #--enable-fips
+        --enable-retry # --enable-fips

-make %{?_smp_mflags}
+%make_build

 %install
-make DESTDIR=%{buildroot} install
+ %make_install
 install -d %{buildroot}/%{_docdir}/socat
 install -m 0644 *.sh %{buildroot}/%{_docdir}/socat/
-install -m 0644 *.sh %{buildroot}/%{_docdir}/socat/
 echo ".so man1/socat.1" | gzip > %{buildroot}/%{_mandir}/man1/filan.1.gz
 cp -a %{buildroot}/%{_mandir}/man1/filan.1.gz %{buildroot}/%{_mandir}/man1/procan.1.gz

 %check
 export TERM=ansi
 export OD_C=/usr/bin/od
-# intermittently, a test sometimes just fails and hangs, mostly on arm
-#timeout 30m make test
+# intermittently, a test sometimes just fails and some just hang
+# HANGS on x86_64: 93, 323
+# FAILED on x86_64:  61 215 306 307
+# FAILED on ppc64le: 58 239
+# FAILED on armv7hl: 154 155 318 319
+#sed -i 's/NUMCOND=true/NUMCOND="test \\$N -ne 93 -a \\$N -ne 323"/' test.sh
+#make test

 %files
 %doc BUGREPORTS CHANGES DEVELOPMENT EXAMPLES FAQ PORTING
@ -65,16 +75,85 @@ export OD_C=/usr/bin/od
 %doc %{_mandir}/man1/*

 %changelog
-* Tue Mar 30 2021 Paul Wouters <pwouters@redhat.com> - 1.7.4.1-1
- Resolves: rhbz#1805132 socat does not recognize IP addresses of the SAN extensions in ssl mode
- Resolves: rhbz#1870279 Transfer via socat fails with openssl enabled
- Resolves: rhbz#1914989 Socat udp4-recvfrom cause endless loop error when target is not vaild
+* Tue Jan  7 2025 Joe Orton <jorton@redhat.com> - 1.7.4.4-8
+- add fix for CVE-2024-54661
+  Resolves: RHEL-70097
+- switch to autopatch, remove unused patches

-* Sun Dec 01 2019 Paul Wouters <pwouters@redhat.com> - 1.7.3.3-2
- Resolves: rhbz#1682464 socat changes blocked until gating tests are added
+* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1.7.4.4-7
+- Bump release for October 2024 mass rebuild:
+  Resolves: RHEL-64018

-* Wed Nov 06 2019 Paul Wouters <pwouters@redhat.com> - 1.7.3.3-1
- Resolves: rhbz#1723581 socat-1.7.3.3 is available
+* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1.7.4.4-6
+- Bump release for June 2024 mass rebuild
+
+* Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.4.4-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Mon Oct 02 2023 Martin Osvald <mosvald@redhat.com> - 1.7.4.4-4
+- SPDX migration
+
+* Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.4.4-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.4.4-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Tue Jan 17 2023 Clemens Lang <cllang@redhat.com> - 1.7.4.4-1
+- Resolves: rhbz#2038615 socat-1.7.4.4 is available
+
+* Mon Dec 12 2022 Florian Weimer <fweimer@redhat.com> - 1.7.4.2-4
+- Port configure script to C99 (#2152488)
+
+* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.4.2-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.4.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+
+* Mon Nov  1 2021 Davide Cavalca <dcavalca@fedoraproject.org> - 1.7.4.2-1
+- Resolves: rhbz#2018835 socat-1.7.4.2 is available
+
+* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 1.7.4.1-4
+- Rebuilt with OpenSSL 3.0.0
+
+* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.4.1-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.4.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Mon Jan 11 10:35:54 EST 2021 Paul Wouters <pwouters@redhat.com> - 1.7.4.1-1
+- Resolves: rhbz#1914653 socat-1.7.4.1 is available
+
+* Mon Jan  4 09:34:27 EST 2021 Paul Wouters <pwouters@redhat.com> - 1.7.4.0-1
+- Resolves: rhbz#1912161 socat-1.7.4.0 is available
+
+* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.3.4-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.3.4-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Mon Jan 06 2020 Paul Wouters <pwouters@redhat.com> - 1.7.3.4-1
+- Resolves: rhbz#1787954 socat-1.7.3.4 is available
+
+* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.3.3-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Mon Jun 24 2019 Paul Wouters <pwouters@redhat.com> - 1.7.3.3-1
+- Resolves: rhbz#1696931 socat-1.7.3.3 is available
+- Resolves: rhbz#1612274 Man page scan results for socat
+- Disabled --enable-fips as its requires fipsld which we don't have.
+
+* Sun Feb 17 2019 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.7.3.2-9
+- Rebuild for readline 8.0
+
+* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.3.2-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.3.2-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

 * Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.3.2-6
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--- a/1
+++ b/1
@ -0,0 +1 @@
+SHA512 (socat-1.7.4.4.tar.gz) = 709fd393642d4249152d75add4d489ea76e6118c9e6740e796f029e8c5ddd4f5c9218d587977fc57ada640f635a996cbbe4055275236a169881bb2be1d3e5df9
				`@ -1 +0,0 @@`
				`9fe5a0a0b13dded556a66259b68eb672b900f1d1 SOURCES/socat-1.7.4.1.tar.gz`
				`@ -0,0 +1 @@`
				`SHA512 (socat-1.7.4.4.tar.gz) = 709fd393642d4249152d75add4d489ea76e6118c9e6740e796f029e8c5ddd4f5c9218d587977fc57ada640f635a996cbbe4055275236a169881bb2be1d3e5df9`