From 3ed51b364482af64749980ed7ce67812046b1713 Mon Sep 17 00:00:00 2001 From: Tatsuya Kinoshita Date: Wed, 4 May 2011 01:44:14 +0900 Subject: Releasing debian version 0.1.10+0.1.11pre+kokb23-4 --- debian/patches/00-rxvt-mouse-support | 17 ++ debian/patches/01-w3m-dev-01500 | 152 +++++++++++++++ debian/patches/01-w3m-dev-01509 | 214 +++++++++++++++++++++ debian/patches/02-w3m-dev-01739 | 123 ++++++++++++ ...buffer-overflow-fix-backport-from-w3m-dev-02066 | 28 +++ 5 files changed, 534 insertions(+) create mode 100644 debian/patches/00-rxvt-mouse-support create mode 100644 debian/patches/01-w3m-dev-01500 create mode 100644 debian/patches/01-w3m-dev-01509 create mode 100644 debian/patches/02-w3m-dev-01739 create mode 100644 debian/patches/03-w3m-mime-buffer-overflow-fix-backport-from-w3m-dev-02066 (limited to 'debian/patches') diff --git a/debian/patches/00-rxvt-mouse-support b/debian/patches/00-rxvt-mouse-support new file mode 100644 index 0000000..be1aff7 --- /dev/null +++ b/debian/patches/00-rxvt-mouse-support @@ -0,0 +1,17 @@ +PATCH: -p0 + +--- terms.c.orig Mon Oct 30 12:16:31 2000 ++++ terms.c Thu Nov 2 18:45:58 2000 +@@ -240,7 +240,12 @@ + TerminalGet(tty, &d_ioval); + #ifdef MOUSE + term = getenv("TERM"); ++#ifdef DEBIAN ++ if (!strncmp(term, "kterm", 5) || !strncmp(term, "xterm", 5) ++ || !strncmp(term, "rxvt", 4)) { ++#else + if (!strncmp(term, "kterm", 5) || !strncmp(term, "xterm", 5)) { ++#endif + is_xterm = 1; + } + #endif diff --git a/debian/patches/01-w3m-dev-01500 b/debian/patches/01-w3m-dev-01500 new file mode 100644 index 0000000..9781ab9 --- /dev/null +++ b/debian/patches/01-w3m-dev-01500 @@ -0,0 +1,152 @@ +PATCH: -p0 +To: w3m-dev@mi.med.tohoku.ac.jp +Subject: [w3m-dev 01500] fix risky code in url.c +From: Hironori Sakamoto +Delivered-To: ukai@ukai.org +Delivered-To: ukai@debian.or.jp +Date: Wed, 13 Dec 2000 12:02:11 +0900 (JST) +Reply-To: w3m-dev@mi.med.tohoku.ac.jp +Message-Id: <200012130302.MAA21605@udlew10.uldev.lsi.nec.co.jp> +X-ML-Name: w3m-dev +X-Mail-Count: 01500 +X-MLServer: fml [fml 3.0]; post only (only members can post) +X-ML-Info: If you have a question, send e-mail with the body "help" (without quotes) to the address w3m-dev-ctl@mi.med.tohoku.ac.jp; help= +X-Sender: w3m-dev-admin@mi.med.tohoku.ac.jp + +坂本です。 + +url.c にあった危険性のあるコードを修正しました。 +local.c はおまけの修正です。 + +# m18n で URL や file 名の文字コードを真面目にチェックしている過程で +# 見つけたのですが、かなり大変。本当はオリジナル版でもやらないと +# いけないけど。 +----------------------------------- +坂本 浩則 + http://www2u.biglobe.ne.jp/~hsaka/ + +--- url.c.orig Wed Dec 13 10:39:47 2000 ++++ url.c Wed Dec 13 10:46:33 2000 +@@ -517,7 +517,7 @@ + parseURL(char *url, ParsedURL * p_url, ParsedURL * current) + { + char *p, *q; +- char tmp[LINELEN]; ++ Str tmp; + int i; + + p = url; +@@ -548,10 +548,10 @@ + ++url; + } + if (IS_ALPHA(*url) && (url[1] == ':' || url[1] == '|')) { +- if(url[1]=='|') +- url[1]=':'; + p_url->scheme = SCM_LOCAL; +- p_url->file = allocStr(url, 0); ++ p_url->file = p = allocStr(url, 0); ++ if(p[1]=='|') ++ p[1]=':'; + } + if (p_url->scheme == SCM_LOCAL) + goto analyze_file; +@@ -626,9 +626,8 @@ + p_url->host = NULL; + goto analyze_url; + } +- strncpy(tmp, q, p - q); +- tmp[p - q] = '\0'; +- p_url->port = atoi(tmp); ++ tmp = Strnew_charp_n(q, p - q); ++ p_url->port = atoi(tmp->ptr); + if (*p == '\0') { /* scheme://host:port */ + /* scheme://user@host:port */ + /* scheme://user:pass@host:port */ +@@ -675,14 +674,14 @@ + #ifdef USE_GOPHER + if (p_url->scheme == SCM_GOPHER && *p == 'R') { + p++; +- q = tmp; +- *q++ = *p++; ++ tmp = Strnew(); ++ Strcat_char(tmp, *(p++)); + while (*p && *p != '/') + p++; ++ Strcat_charp(tmp, p); + while (*p) +- *q++ = *p++; +- *q = '\0'; +- p_url->file = copyPath(tmp, -1, COPYPATH_SPC_IGNORE); ++ p++; ++ p_url->file = copyPath(tmp->ptr, -1, COPYPATH_SPC_IGNORE); + } + else + #endif /* USE_GOPHER */ +--- local.c.orig Wed Dec 13 10:39:44 2000 ++++ local.c Wed Dec 13 11:55:40 2000 +@@ -19,7 +19,7 @@ + Directory *dir; + struct stat st; + char **flist; +- char *p, *qdir, *q; ++ char *p, *qdir; + Str fbuf = Strnew(); + #ifdef READLINK + struct stat lst; +@@ -29,10 +29,10 @@ + int nfile, nfile_max = 100; + Str dirname; + +- dirname = Strnew_charp(dname); +- d = opendir(dirname->ptr); ++ d = opendir(dname); + if (d == NULL) + return NULL; ++ dirname = Strnew_charp(dname); + qdir = htmlquote_str(dirname->ptr); + tmp = Sprintf("Directory list of %s

Directory list of %s

\n", qdir, qdir); + flist = New_N(char *, nfile_max); +@@ -65,7 +65,7 @@ + if (strcmp(p, ".") == 0) + continue; + Strcopy(fbuf, dirname); +- if (Strlastchar(dirname) != '/') ++ if (Strlastchar(fbuf) != '/') + Strcat_char(fbuf, '/'); + Strcat_charp(fbuf, p); + #ifdef READLINK +@@ -76,7 +76,7 @@ + continue; + if (multicolList) { + if (n == 1) +- Strcat_charp(tmp, ""); ++ Strcat_charp(tmp, ""); + } + else { + if (S_ISDIR(st.st_mode)) +@@ -88,20 +88,16 @@ + else + Strcat_charp(tmp, "[FILE] "); + } +- q = htmlquote_str(p); +- Strcat_m_charp(tmp, "ptr[dirname->length - 1] != '/') +- Strcat_char(tmp, '/'); +- Strcat_charp(tmp, q); ++ Strcat_m_charp(tmp, "ptr), NULL); + if (S_ISDIR(st.st_mode)) + Strcat_char(tmp, '/'); +- Strcat_m_charp(tmp, "\">", q, NULL); ++ Strcat_m_charp(tmp, "\">", htmlquote_str(p), NULL); + if (S_ISDIR(st.st_mode)) + Strcat_char(tmp, '/'); + Strcat_charp(tmp, ""); + if (multicolList) { + if (n++ == nrow) { +- Strcat_charp(tmp, "\n"); ++ Strcat_charp(tmp, "\n"); + n = 1; + } + else { + + diff --git a/debian/patches/01-w3m-dev-01509 b/debian/patches/01-w3m-dev-01509 new file mode 100644 index 0000000..471e8d8 --- /dev/null +++ b/debian/patches/01-w3m-dev-01509 @@ -0,0 +1,214 @@ +PATCH: -p1 +To: w3m-dev@mi.med.tohoku.ac.jp +Subject: [w3m-dev 01509] Forward: Bug#79689: No way to view information on SSL certificates +From: Fumitoshi UKAI +Delivered-To: ukai@ukai.org +Delivered-To: ukai@debian.or.jp +Date: Sat, 16 Dec 2000 04:28:07 +0900 +Reply-To: w3m-dev@mi.med.tohoku.ac.jp +Message-Id: <87u2854h88.wl@lichee.ukai.org> +X-ML-Name: w3m-dev +X-Mail-Count: 01509 +X-MLServer: fml [fml 3.0]; post only (only members can post) +X-ML-Info: If you have a question, send e-mail with the body "help" (without quotes) to the address w3m-dev-ctl@mi.med.tohoku.ac.jp; help= +User-Agent: Wanderlust/2.2.15 (More Than Words) EMIKO/1.13.9 + (Euglena tripteris) FLIM/1.13.2 (Kasanui) APEL/10.2 Emacs/20.7 + (i386-debian-linux-gnu) MULE/4.0 (HANANOEN) +Organization: Debian JP Project +Mime-Version: 1.0 (generated by EMIKO 1.13.9 - "Euglena tripteris") +X-Sender: w3m-dev-admin@mi.med.tohoku.ac.jp + +[1 ] +w3m で #define USE_SSL (とか #define USE_SSL_VERIFY )した時でも +現状では https でつながってるかどうか、どことつながってかどうかの +情報を見ることができないのをなんとかしてほしいというレポートです。 + +現ドキュメントの情報を表示('=')で見ても SSLに関する証明書情報を +みられないのは確かに悲しいなぁ と思っていたので 適当なパッチ +つくってみました。(かなりいいかげん) + +-- +鵜飼文敏 + +[2 ] +To: Debian Bug Tracking System +Subject: Bug#79689: No way to view information on SSL certificates +From: Richard Braakman +Date: Fri, 15 Dec 2000 19:39:16 +0200 +Message-Id: +MIME-Version: 1.0 + +Package: w3m +Version: 0.1.10+0.1.11pre+kokb22-1 +Severity: wishlist + +When I'm about to submit sensitive information over a https connection, +I would like to inspect the information in the server's SSL certificate, +and ideally also the chain of trust that was used to verify that +certificate. w3m doesn't seem to have a way to do this. + +Verifying this information would give me a lot more confidence in the +security of a link. + +Richard Braakman + + +-- System Information +Debian Release: woody +Architecture: i386 +Kernel: Linux dark 2.3.49 #1 Tue Mar 7 10:37:21 EET 2000 i686 + +Versions of packages w3m depends on: +ii libc6 2.2-5 GNU C Library: Shared libraries an +ii libgc5 1:5.0.alpha4-8 Conservative garbage collector for +ii libgpmg1 1.19.3-4 General Purpose Mouse Library [lib +ii libncurses5 5.0-8 Shared libraries for terminal hand + +[3 w3m-0.1.11-pre-kokb23-ssl-cert.patch ] +diff -Nru w3m-0.1.11-pre/buffer.c w3m-0.1.11-pre-ja/buffer.c +--- w3m-0.1.11-pre/buffer.c Thu Dec 14 01:17:21 2000 ++++ w3m-0.1.11-pre-ja/buffer.c Sat Dec 16 03:58:44 2000 +@@ -40,6 +40,9 @@ + *n->clone = 1; + n->linelen = 0; + n->trbyte = 0; ++#ifdef USE_SSL ++ n->ssl_certificate = NULL; ++#endif + return n; + } + +diff -Nru w3m-0.1.11-pre/file.c w3m-0.1.11-pre-ja/file.c +--- w3m-0.1.11-pre/file.c Thu Dec 14 01:17:22 2000 ++++ w3m-0.1.11-pre-ja/file.c Sat Dec 16 04:17:42 2000 +@@ -971,6 +971,13 @@ + } + if (t_buf == NULL) + t_buf = newBuffer(INIT_BUFFER_WIDTH); ++#ifdef USE_SSL ++ if (IStype(f.stream) == IST_SSL) { ++ Str s = ssl_get_certificate(f.stream); ++ if (s != NULL) ++ t_buf->ssl_certificate = s->ptr; ++ } ++#endif + readHeader(&f, t_buf, FALSE, &pu); + t = checkContentType(t_buf); + if (t == NULL) +@@ -1214,6 +1221,13 @@ + t_buf = newBuffer(INIT_BUFFER_WIDTH); + t_buf->bufferprop |= BP_FRAME; + } ++#ifdef USE_SSL ++ if (IStype(f.stream) == IST_SSL) { ++ Str s = ssl_get_certificate(f.stream); ++ if (s != NULL) ++ t_buf->ssl_certificate = s->ptr; ++ } ++#endif + b = loadSomething(&f, pu.file, proc, t_buf); + UFclose(&f); + if (b) { +diff -Nru w3m-0.1.11-pre/fm.h w3m-0.1.11-pre-ja/fm.h +--- w3m-0.1.11-pre/fm.h Thu Dec 14 01:17:22 2000 ++++ w3m-0.1.11-pre-ja/fm.h Sat Dec 16 03:58:08 2000 +@@ -343,6 +343,9 @@ + FormItemList *form_submit; + char *savecache; + char *edit; ++#ifdef USE_SSL ++ char *ssl_certificate; ++#endif + } Buffer; + + #define NO_BUFFER ((Buffer*)1) +diff -Nru w3m-0.1.11-pre/html.h w3m-0.1.11-pre-ja/html.h +--- w3m-0.1.11-pre/html.h Thu Dec 14 01:17:22 2000 ++++ w3m-0.1.11-pre-ja/html.h Sat Dec 16 03:54:34 2000 +@@ -2,6 +2,8 @@ + #ifndef _HTML_H + #define _HTML_H + #ifdef USE_SSL ++#include ++#include + #include + #endif /* USE_SSL */ + +diff -Nru w3m-0.1.11-pre/istream.c w3m-0.1.11-pre-ja/istream.c +--- w3m-0.1.11-pre/istream.c Thu Dec 14 01:17:22 2000 ++++ w3m-0.1.11-pre-ja/istream.c Sat Dec 16 04:19:59 2000 +@@ -328,6 +328,33 @@ + } + } + ++#ifdef USE_SSL ++Str ++ssl_get_certificate(InputStream stream) ++{ ++ BIO *bp; ++ X509 *x; ++ char *p; ++ int len; ++ Str s; ++ if (stream == NULL) ++ return NULL; ++ if (IStype(stream) != IST_SSL) ++ return NULL; ++ if (stream->ssl.handle == NULL) ++ return NULL; ++ x = SSL_get_peer_certificate(stream->ssl.handle->ssl); ++ if (x == NULL) ++ return NULL; ++ bp = BIO_new(BIO_s_mem()); ++ X509_print(bp, x); ++ len = (int)BIO_ctrl(bp, BIO_CTRL_INFO,0,(char *)&p); ++ s = Strnew_charp_n(p, len); ++ BIO_free_all(bp); ++ return s; ++} ++#endif ++ + /* Raw level input stream functions */ + + static void +diff -Nru w3m-0.1.11-pre/istream.h w3m-0.1.11-pre-ja/istream.h +--- w3m-0.1.11-pre/istream.h Thu Dec 14 01:17:22 2000 ++++ w3m-0.1.11-pre-ja/istream.h Sat Dec 16 03:54:52 2000 +@@ -4,6 +4,8 @@ + + #include + #ifdef USE_SSL ++#include ++#include + #include + #endif + #include "Str.h" +@@ -121,6 +123,9 @@ + extern Str StrmyISgets(InputStream stream); + extern int ISread(InputStream stream, Str buf, int count); + extern int ISfileno(InputStream stream); ++#ifdef USE_SSL ++extern Str ssl_get_certificate(InputStream stream); ++#endif + + #define IST_BASIC 0 + #define IST_FILE 1 +diff -Nru w3m-0.1.11-pre/map.c w3m-0.1.11-pre-ja/map.c +--- w3m-0.1.11-pre/map.c Thu Dec 14 01:17:22 2000 ++++ w3m-0.1.11-pre-ja/map.c Sat Dec 16 03:59:50 2000 +@@ -179,6 +179,14 @@ + append_frame_info(tmp, f_set, 0); + Strcat_charp(tmp, ""); + } ++#ifdef USE_SSL ++ if (buf->ssl_certificate == NULL) ++ goto end; ++ Strcat_charp(tmp, "

SSL certificate

\n"); ++ Strcat_charp(tmp, "
\n");
++    Strcat_charp(tmp, buf->ssl_certificate);
++    Strcat_charp(tmp, "
\n"); ++#endif + end: + Strcat_charp(tmp, ""); + return loadHTMLString(tmp); +[4 ] diff --git a/debian/patches/02-w3m-dev-01739 b/debian/patches/02-w3m-dev-01739 new file mode 100644 index 0000000..2004d9e --- /dev/null +++ b/debian/patches/02-w3m-dev-01739 @@ -0,0 +1,123 @@ +PATCH: -p0 +To: w3m-dev@mi.med.tohoku.ac.jp +Cc: kiwamu +Subject: [w3m-dev 01739] ホイールマウス対応 patch +From: kiwamu +Delivered-To: ukai@ukai.org +Delivered-To: ukai@debian.or.jp +Date: Sun, 18 Feb 2001 02:24:27 +0900 +Reply-To: w3m-dev@mi.med.tohoku.ac.jp +Message-Id: <20010218022427.A3347@casper.m01.htmnet.ne.jp> +X-ML-Name: w3m-dev +X-Mail-Count: 01739 +X-MLServer: fml [fml 3.0]; post only (only members can post) +X-ML-Info: If you have a question, send e-mail with the body "help" (without quotes) to the address w3m-dev-ctl@mi.med.tohoku.ac.jp; help= +Resent-From: kiwamu@misterdosv.eei.metro-u.ac.jp +Content-Disposition: inline +User-Agent: Mutt/1.2.5i-jp0 +Resent-Date: Sun, 18 Feb 2001 04:39:48 +0900 +Resent-To: w3m-dev@mi.med.tohoku.ac.jp +Mime-Version: 1.0 +Content-Transfer-Encoding: 7bit +Resent-Sender: w3m-dev-admin@mi.med.tohoku.ac.jp + + こんにちは。岡部究と申します。 +あの岡部克也さんとは別人です。(^^;; + +w3mをホイールマウス対応させてみました。 +rxvtとxtermで使用できます。 +ktermだとホイールの上下が同じコントロールコードを返してしまうので +実現不可能みたいです。 + +------------------------------ w3m-wheel.patch ------------------------------ + +--- main.c Wed Feb 7 01:53:49 2001 ++++ main.c Sun Feb 18 02:05:41 2001 +@@ -3461,14 +3461,19 @@ + #define MOUSE_BTN1_DOWN 0 + #define MOUSE_BTN2_DOWN 1 + #define MOUSE_BTN3_DOWN 2 ++#define MOUSE_BTN4_DOWN_RXVT 3 ++#define MOUSE_BTN5_DOWN_RXVT 4 ++#define MOUSE_BTN4_DOWN_XTERM 64 ++#define MOUSE_BTN5_DOWN_XTERM 65 + #define MOUSE_BTN_UP 3 +- ++#define MOUSE_BTN_RESET -1 ++#define MOUSE_SCROLL_LINE 5 + + static void + process_mouse(int btn, int x, int y) + { +- int delta_x, delta_y; +- static int press_btn, press_x, press_y; ++ int delta_x, delta_y, i; ++ static int press_btn = MOUSE_BTN_RESET, press_x, press_y; + + if (btn == MOUSE_BTN_UP) { + switch (press_btn) { +@@ -3547,12 +3552,29 @@ + mainMenu(x, y); + #endif /* MENU */ + break; ++ case MOUSE_BTN4_DOWN_RXVT: ++ for (i = 0; i < MOUSE_SCROLL_LINE; i++) ++ ldown1(); ++ break; ++ case MOUSE_BTN5_DOWN_RXVT: ++ for (i = 0; i < MOUSE_SCROLL_LINE; i++) ++ lup1(); ++ break; + } ++ } else if (btn == MOUSE_BTN4_DOWN_XTERM) { ++ for (i = 0; i < MOUSE_SCROLL_LINE; i++) ++ ldown1(); ++ } else if (btn == MOUSE_BTN5_DOWN_XTERM) { ++ for (i = 0; i < MOUSE_SCROLL_LINE; i++) ++ lup1(); + } +- else { ++ ++ if (btn != MOUSE_BTN4_DOWN_RXVT || press_btn == MOUSE_BTN_RESET) { + press_btn = btn; + press_x = x; + press_y = y; ++ } else { ++ press_btn = MOUSE_BTN_RESET; + } + } + +--- menu.c Wed Feb 7 01:53:49 2001 ++++ menu.c Sun Feb 18 02:05:50 2001 +@@ -1067,14 +1067,20 @@ + #define MOUSE_BTN1_DOWN 0 + #define MOUSE_BTN2_DOWN 1 + #define MOUSE_BTN3_DOWN 2 ++#define MOUSE_BTN4_DOWN_RXVT 3 ++#define MOUSE_BTN5_DOWN_RXVT 4 ++#define MOUSE_BTN4_DOWN_XTERM 64 ++#define MOUSE_BTN5_DOWN_XTERM 65 + #define MOUSE_BTN_UP 3 ++#define MOUSE_BTN_RESET -1 ++#define MOUSE_SCROLL_LINE 5 + + static int + process_mMouse(int btn, int x, int y) + { + Menu *menu; + int select; +- static int press_btn, press_x, press_y; ++ static int press_btn = MOUSE_BTN_RESET, press_x, press_y; + char c = ' '; + + menu = CurrentMenu; + +------------------------------ w3m-wheel.patch ------------------------------ + +-- +Tokyo Metropolitan University Kiwamu Okabe + Mail: kiwamu@debian.or.jp + URL: http://silica.eei.metro-u.ac.jp/~kiwamu/ + + + diff --git a/debian/patches/03-w3m-mime-buffer-overflow-fix-backport-from-w3m-dev-02066 b/debian/patches/03-w3m-mime-buffer-overflow-fix-backport-from-w3m-dev-02066 new file mode 100644 index 0000000..7c47d04 --- /dev/null +++ b/debian/patches/03-w3m-mime-buffer-overflow-fix-backport-from-w3m-dev-02066 @@ -0,0 +1,28 @@ +--- mimehead.c.orig Tue Jun 6 14:39:13 2000 ++++ mimehead.c Wed Jun 20 11:21:02 2001 +@@ -166,21 +166,20 @@ + Str + decodeWord(char **ow) + { +- char charset[32]; + char *p, *w = *ow; + char method; + Str a = Strnew(); ++ Str charset = Strnew(); + + if (*w != '=' || *(w + 1) != '?') + goto convert_fail; + w += 2; +- for (p = charset; *w != '?'; w++) { ++ for (; *w != '?'; w++) { + if (*w == '\0') + goto convert_fail; +- *(p++) = *w; ++ Strcat_char(charset, *w); + } +- *p = '\0'; +- if (strcasecmp(charset, J_CHARSET) != 0) { ++ if (Strcasecmp_charp(charset, J_CHARSET) != 0) { + /* NOT ISO-2022-JP encoding ... don't convert */ + goto convert_fail; + } -- cgit v1.2.3