r1129 - in /experimental/evolution-data-server/debian: changelog patches/67_detect-change-signed-messages.patch

Sun Mar 8 10:00:29 UTC 2009

Author: corsac
Date: Sun Mar  8 10:00:28 2009
New Revision: 1129

URL: http://svn.debian.org/wsvn/pkg-evolution/?sc=1&rev=1129
Log:
* debian/patches:
  - debian/patches/67_detect-change-signed-messages added.    closes: #508479

Added:
    experimental/evolution-data-server/debian/patches/67_detect-change-signed-messages.patch
Modified:
    experimental/evolution-data-server/debian/changelog

Modified: experimental/evolution-data-server/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-evolution/experimental/evolution-data-server/debian/changelog?rev=1129&op=diff
==============================================================================

--- experimental/evolution-data-server/debian/changelog (original)
+++ experimental/evolution-data-server/debian/changelog Sun Mar  8 10:00:28 2009
@@ -1,3 +1,10 @@
+evolution-data-server (2.24.5-2) UNRELEASED; urgency=low
+
+  * debian/patches:
+    - debian/patches/67_detect-change-signed-messages added.    closes: #508479
+
+ -- Yves-Alexis Perez <corsac at debian.org>  Sun, 01 Mar 2009 14:58:11 +0100
+
 evolution-data-server (2.24.5-1) experimental; urgency=low
 
   * New upstream release.

Added: experimental/evolution-data-server/debian/patches/67_detect-change-signed-messages.patch
URL: http://svn.debian.org/wsvn/pkg-evolution/experimental/evolution-data-server/debian/patches/67_detect-change-signed-messages.patch?rev=1129&op=file
==============================================================================
--- experimental/evolution-data-server/debian/patches/67_detect-change-signed-messages.patch (added)
+++ experimental/evolution-data-server/debian/patches/67_detect-change-signed-messages.patch Sun Mar  8 10:00:28 2009
@@ -1,0 +1,105 @@
+diff --exclude-from=/home/dang/.scripts/diffrc -up -ruN evolution-data-server-2.24.5.orig/camel/camel-smime-context.c evolution-data-server-2.24.5/camel/camel-smime-context.c
+--- evolution-data-server-2.24.5.orig/camel/camel-smime-context.c	2008-09-22 06:53:58.000000000 -0400
++++ evolution-data-server-2.24.5/camel/camel-smime-context.c	2009-03-07 14:52:57.000000000 -0500
+@@ -40,6 +40,7 @@
+ #include <smime.h>
+ #include <pkcs11t.h>
+ #include <pk11func.h>
++#include <secoid.h>
+ 
+ #include <errno.h>
+ 
+@@ -534,6 +535,7 @@ sm_verify_cmsg(CamelCipherContext *conte
+ 	for (i = 0; i < count; i++) {
+ 		NSSCMSContentInfo *cinfo = NSS_CMSMessage_ContentLevel(cmsg, i);
+ 		SECOidTag typetag = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
++		int which_digest;
+ 
+ 		switch (typetag) {
+ 		case SEC_OID_PKCS7_SIGNED_DATA:
+@@ -543,44 +545,49 @@ sm_verify_cmsg(CamelCipherContext *conte
+ 				goto fail;
+ 			}
+ 
+-			/* need to build digests of the content */
+-			if (!NSS_CMSSignedData_HasDigests(sigd)) {
+-				if (extstream == NULL) {
+-					camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Digests missing from enveloped data"));
+-					goto fail;
+-				}
+-
+-				if ((poolp = PORT_NewArena(1024)) == NULL) {
+-					camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, g_strerror (ENOMEM));
+-					goto fail;
+-				}
+-
+-				digestalgs = NSS_CMSSignedData_GetDigestAlgs(sigd);
+-				
+-				digcx = NSS_CMSDigestContext_StartMultiple(digestalgs);
+-				if (digcx == NULL) {
+-					camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot calculate digests"));
+-					goto fail;
+-				}
+-
+-				mem = (CamelStreamMem *)camel_stream_mem_new();
+-				camel_stream_write_to_stream(extstream, (CamelStream *)mem);
+-				NSS_CMSDigestContext_Update(digcx, mem->buffer->data, mem->buffer->len);
+-				camel_object_unref(mem);
+-
+-				if (NSS_CMSDigestContext_FinishMultiple(digcx, poolp, &digests) != SECSuccess) {
+-					camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot calculate digests"));
+-					goto fail;
+-				}
+-
+-				if (NSS_CMSSignedData_SetDigests(sigd, digestalgs, digests) != SECSuccess) {
+-					camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot set message digests"));
+-					goto fail;
+-				}
+ 
+-				PORT_FreeArena(poolp, PR_FALSE);
+-				poolp = NULL;
++			if (extstream == NULL) {
++				set_nss_error (ex, _("Digests missing from enveloped data"));
++  				goto fail;
++			}
++  
++			if ((poolp = PORT_NewArena(1024)) == NULL) {
++				set_nss_error (ex, g_strerror (ENOMEM));
++				goto fail;
+ 			}
++ 
++			digestalgs = NSS_CMSSignedData_GetDigestAlgs(sigd);
++			
++			digcx = NSS_CMSDigestContext_StartMultiple(digestalgs);
++			if (digcx == NULL) {
++				set_nss_error (ex, _("Cannot calculate digests"));
++				goto fail;
++			}
++  
++			mem = (CamelStreamMem *)camel_stream_mem_new();
++			camel_stream_write_to_stream(extstream, (CamelStream *)mem);
++			NSS_CMSDigestContext_Update(digcx, mem->buffer->data, mem->buffer->len);
++			camel_object_unref(mem);
++  
++			if (NSS_CMSDigestContext_FinishMultiple(digcx, poolp, &digests) != SECSuccess) {
++				set_nss_error (ex, _("Cannot calculate digests"));
++				goto fail;
++			}
++  
++			for (which_digest = 0; digests[which_digest] != NULL; which_digest++) {
++				SECOidData *digest_alg = SECOID_FindOID (&digestalgs[which_digest]->algorithm);
++				if (digest_alg == NULL) {
++					set_nss_error (ex, _("Cannot set message digests"));
++  					goto fail;
++  				}
++				if (NSS_CMSSignedData_SetDigestValue (sigd, digest_alg->offset, digests[which_digest]) != SECSuccess) {
++					set_nss_error (ex, _("Cannot set message digests"));
++					goto fail;
++  				}
++  			}
++  
++			PORT_FreeArena(poolp, PR_FALSE);
++			poolp = NULL;
+ 
+ 			/* import all certificates present */
+ 			if (NSS_CMSSignedData_ImportCerts(sigd, p->certdb, certUsageEmailSigner, PR_TRUE) != SECSuccess) {


