This is an archive of jabberd patches which have already been included in released versions.
| # | Patch | Included in ver |
Purpose | Bugs | Submitter | Comments |
| 1 | patch-io.c | 2.0s4 | Fix race condition allowing c2s to be killed | 3983 | Stephen Marquard | jabberd list post |
| 2 | patch-s2s-main.c | 2.0s4 | Fix off-by-one bug in s2s/main.c leading to segfault on startup in some environments | 4029, 4072, 4103 | Various | Buffer overflow. |
| 3 | patch-sm.c | 2.0s4 | Fix memory leak in sm | 3637, 4173 | Michal Kára | jabberd list post. There may be further memory leaks in sm. |
| 4 | patch-ssl.c | 2.0s4 | Fix problem relating to SSL connections not being closed correctly | 3965, also 3350? | Nathan Christiansen | jabberd list post |
| 5 | patch-sm-mod_announce.c | 2.0s4 | Fixes 3 problems in mod_announce: (a) NAD freed before use, (b) struct tm not initialised correctly on some platforms, and (c) time not initialised for broadcast motd messages delivered to online users. | 4227 (c) | Stephen Marquard | |
| 6 | patch-util-nad.c | 2.0s4 | Fixes insertion of extra namespace in <x xmlns='jabber:x:delay' ...> element in some types of messages retrieved from offline queue, which causes a parse error in the router. | 4294 | Matthew Buckett | jabberd list post |
| 7 | patch-scod-mech_plain.c | 2.0s4 | Fixes off-by-one bug in PLAIN SASL authentication code. | 3838 | Robert Theisen | May also resolve a number of other bugs relating to c2s authentication |
| 8 | patch-sm-pkt.c | 2.0s4 | Check return value of jid_new() in pkt.c to avoid sm segfault from dereferencing NULL pointer, triggered by a message with a to JID of the form "@some.server@" | 3758 | Stephen Marquard | Diagnosed by legoscia |
| 9 | patch-nad-cache | 2.0s4 | Avoid adding nads to the cache that are created through nad_copy() | 3637, 4173 | Stephen Marquard | Improves memory usage of sm. See description on jabberd list. |
| 10 | patch-util-xhash.c | 2.0s4 | Fixes bug in retrieving hash values | 3304 | Stephen Marquard | Fixes problem where two JIDs A and B with A's node a substring of B's node can be confused by the hash function. |
| 11 | patch-pool-cleanup | 2.0s4 | Improves performance of pool cleanup function | 4286 | Stephen Marquard | Significantly speeds up loading users with large rosters (> 500 entries) |
| 28* | patch-jedi8-sm-object_c | 2.0s5 | Remove incorrect semicolumn from os_object_free() in sm/object.c | 4438 | Jedi/Sector One | Typographical error in code - could lead to memory not being freed correctly |
| 29* | patch-jedi-mysql-storage | 2.0s5 | Fixes to mysql storage for boundary conditions | Jedi/Sector One | Apply if using mysql storage. | |
| 30* | patch-base64 | 2.0s5 | Fix length-related issues in base64 decoding routines | Christof Meerwald | See mailing list post. Could affect authentication in c2s. | |
| 31* | patch-sm-storage_db | 2.0s5 | Fixes to storage_db.c to avoid roster corruption: "sm/storage_db inserts items in the filter hash table with keys which are located on the stack. This creates confusion when the code later tries to compare with these keys." | 4448 | Martin Forssen | Apply if using bdb storage. |
| 32* | patch-nad-escape | 2.0s5 | Fixes bug in _nad_escape() where escaping ]]> can cause a segfault when handling large messages where nad_realloc is called. | 4264 | Stephen Marquard | |
| 38* | patch-jedi-pgsql-storage | 2.0s5 | Fixes to pgsql storage for boundary conditions and incorrect buffer length calculation | Jedi/Sector One | Apply if using postgresql storage. | |
| 46* | patch-memleaks | 2.0s5 | Fix minor memory leaks in digest-md5 authentication and nad_free() | 4452 | Martin Forssen | |
| 47* | patch-ns-fix | 2.0s5 | Fixes omission of namespace declaration where a namespace has already been used in the XML stanza | 3975 | Stephen Marquard | See bug report for description. |
| 48* | patch-sm-nad-triplet | 2.0s5 | Fixes omission of prefix on attributes processed by nad_parse (e.g. in queue storage) | 3995 | Stephen Marquard | |
| 49* | patch-mod_disco_publish | 2.0s5 | Corrects check for deleting previously published disco items from "delete" to "remove" (as per JEP-0030). | 4073 | Stephen Marquard | Identified by ralphm. |
| 50* | patch-sm-filter | 2.0s5 | Alters filter handling and adds mysql/pgsql escaping on filter strings to allow brackets and apostrophes in resource names that form part of JIDs stored as roster entries | 3239 | Stephen Marquard | |
| 58* | patch-c2s-buffers | 2.0s5 | Fixes buffer overflow that can lead to segfault in c2s mysql and pgsql auth modules - see report by icbm (www.venustech.com.cn): CAN-2004-0953 / bugtraq ID 11741. | 4528 | Stephen Marquard | Apply if using mysql or pgsql for c2s authentication |
| 59* | patch-c2s-pipe2 | 2.0s6 | Fix base64 encoding length in authreg_pipe.c | Stephen Marquard | Apply if using pipe authentication in c2s. Diagnosed by Jerome Vandenabeele | |
| 60* | patch-s2s-ssl-startup | 2.0s6 | Fixes segfault on s2s startup on some platforms when ssl is enabled (local pemfile defined in s2s.xml) | 4552 | Stephen Marquard | |
| 67* | patch-sm-offline-event (replaces #66) | 2.0s6 | mod_offline handling of jabber:x:event client requests (JEP-0022) can lead to a loop repeatedly adding duplicates to the offline queue under certain race conditions. | 4571 | Stephen Marquard | Correctly detect jabber:x:event notifications and do not respond to them as requests. |
| 72* | patch-pres-jids | 2.0s6 | Check for invalid jids in directed presence packets | Stephen Marquard | Based on bug report by Christopher Zorn |
| # | Patch | Included in ver | Purpose | Bugs | Submitter | Comments |
| 12b | patch-vcard-v2 (obsoletes patch-mod_iq_vcard.c) |
2.0s4 | Corrects handling of EMAIL, TEL and ADR/CTRY elements in vcards for JEP-0054 compliance | 3945, 4390 | Stephen Marquard | |
| 14 | patch-v2-sm-pres.c (obsoletes patch-sm-pres.c) |
2.0s4 | Optimises sm algorithm for announcing presence to skip presence announcements and probes for users on the same server who are not online | N/A | Stephen Marquard | Speeds up initial login for users with large rosters mostly containing users on the same server |
| 15 | patch-sm-storage-check | 2.0s4 | Check that storage drivers are initialised correctly; if not, abort. | 4308 | Stephen Marquard | Avoids sm running in a state where no users can be loaded (typically where c2s is using pam or ldap, and mysql or postgres server is not running when sm loads). |
| 16 | (See bug report) | 2.0s4 | Fix file descriptor leak in storage_fs | 4315 | ? | Apply if using filesystem storage |
| 27b* | patch-jsignal (corrected version of patch-signal) | 2.0s5 | Replaces signal() with sigaction() to correct signal handling on SunOS | 4431 | Martin Forssen | Currently the jabber programs use signal() to install a signal handler. The problem with this approach is that on SunOS the signal handler gets reset to the default handler after having triggered once. This makes it possible to send a SIGHUP to rotate the logs once but the second time the daemons die. The solution is to use sigaction() instead of signal(). |
| 37* | see jabberd list | 2.0s5 | Avoid crash in some versions of FreeBSD / DragonFlyBSD | Jedi / Sector One | When a TCP socket is accepted and the immediately closed, the client address is not filled, but accept() does return a descriptor. It can be triggered with nmap -sT. The type of the length of a socket is also socklen_t, not size_t. | |
| 51* | patch-v2-nad-marking | 2.0s5 | Resolves problems with strings starting "NAD" being interpreted as xml in mysql/postgresql storage | 3985 | Stephen Marquard | Does not require any db changes to implement. Needs testing - please try out and send feedback. |
| 54* | patch-config-updates | 2.0s5 | Updates to etc/c2s.xml.dist.in and etc/s2s.xml.dist.in for c2s certificate chains and s2s ssl connections (patches #25b and #17). | Stephen Marquard | ||
| 55* | patch-pipe-pwdencoding | 2.0s5 | Corrects pipe_authreg to correctly base64-encode passwords for SET-PASSWORD and CHECK-PASSWORD calls. | 4521 | Stephen Marquard (from dgbbk) | Apply if using pipe authentication. Note that this will change the previous (incorrect) behaviour for SET-PASSWORD and CHECK-PASSWORD which was to pass the password unencoded. |
| 56* | patch-authreg-tidyup | 2.0s5 | Correctly free storage instance before c2s exit in cases where storage driver fails to initialise | Cameron Moore | ||
| 61* | patch-authreg_ldap-memleak | 2.0s6 | Fixes minor memory leaks in authreg_ldap | Ilja Booij | Apply if using LDAP c2s authentication | |
| 62* | patch-sm-object-fix | 2.0s6 | Fixes error in storage filter code using bdb storage causing sm crash | 4572 | Stephen Marquard | Apply if using bdb storage |
| 63* | patch-mysql-indexes | 2.0s6 | Changes incorrectly indexed primary keys to non-unique indexes, adds other indexes for efficiency, and changes type of xml field to increase max allowed length | Stephen Marquard | Use db-update.mysql to update an existing mysql jabberd2 database. | |
| 41* | see jabberd list | 2.0s6 | Paranoia, ensure than srv->name is nul terminated. | Jedi/Sector One | Relevant for Win32 name resolution |
| # | Patch | Included in ver | Purpose | Bugs | Submitter | Comments |
| 17 | SSL certificate chaining | 2.0s4 | Allows c2s to supply a certificate chain to clients | 3367 | Iain MacDonnell | |
| 25b* | patch-s2s-ssl-v2 (replaces patch-s2s-ssl) |
2.0s5 | Adds SSL support to s2s (server-server) connections | FR 3389 |
Stephen Marquard | Please try out and send feedback. Add a <pemfile> entry in the <local> section of s2s.xml to enable. |
| 18* | patch-ldap-retry | 2.0s6 | Repeat LDAP bind if first attempt fails | 3320 | Rich | See bug report for changes to c2s/authreg_ldap.c line 144 |
| 33b* | patch-v2-jabberd-wrapper | 2.0s6 | Allows jabberd to start new components and place itself in the background (backwards-compatible with old version; does not change default behaviour) | Richard Bullington-McGuire (original ver) | * Additional components defined in jabberd.cfg get started as long as
they are in the same directory as the jabberd script (useful for mu-conference
installed through jcr) * The script can daemonize itself with the "-b" switch after starting the various programs it watches over, unless the debug option is set. |
| # | Patch | Included in ver | Purpose | Bugs | Submitter | Comments |
| 34* | see jabberd list | 2.0s5 | Autoconf fixups to find libraries | Jedi/Sector One | ||
| 35* | see jabberd list | 2.0s5 | Dummy debug_log | Jedi/Sector One | Without -O, gcc 2.95 doesn't kill "if (0) debug_log", and executable files can't be built because debug_log() is missing. | |
| 36* | see jabberd list | 2.0s5 | AC_DEFINE() descriptions | Jedi/Sector One | AC_DEFINE() needs a description, or recent autoheader versions may cry. | |
| 39* | see jabberd list | 2.0s5 | Reorder socket include | Jedi/Sector One | Socket-related header files should be included before util_compat.h
to avoid redefinitions of AF_INET6/PF_INET6 and other possible clashes. The have also been reorder to improve portability. jabberd can now compile on OpenBSD. |
|
| 40* | see jabberd list | 2.0s5 | No need to define debug_flag if the DEBUG macro is undefined. | Jedi/Sector One | ||
| 42* | see jabberd list | 2.0s5 | uint8_t can be not large enough to store a sockaddr_storage size. At least on OpenBSD, it's definitely too small. | Jedi/Sector One | ||
| 43* | see jabberd list | 2.0s5 | Use sig_atomic_t in signal handlers | Jedi/Sector One | The only type of object that can reliably be changed through a signal handler is sig_atomic_t, *not* int. | |
| 44* | see jabberd list | 2.0s5 | Include <ctype.h> | Jedi/Sector One | Since we use isspace(), <ctype.h> needs to be included. | |
| 45* | see jabberd list | 2.0s5 | Try /usr/local/include/{my,postgre}sql | Jedi/Sector One | It's rather common to have MySQL headers in /usr/local/include/mysql. So look up here in addition to /usr/include/mysql/, ditto for postgresql. |
|
| 65* | patch-util.h-inctypes | 2.0s6 | Include sys/types.h if available in util.h inter alia for FreeBSD | Stephen Marquard | This patch is in the ports collection, but some other environments also need this change. | |
| 69* | patch-cleanup-hpux | 2.0s6 | Minor code cleanups for compilation on HP-UX | Christof Meerwald | ||
| 70* | patch-config-resolv | 2.0s6 | Fix configure.in for correct handling of resolv.h | Magnus Henoch | Apply to CVS before running bootstrap (not applicable to released versions or cvs snapshots) | |
| 71* | patch-config-resquery | 2.0s6 | Include resquery checks from MAIN cvs branch in 2.0 | Christof Meerwald | Apply to CVS before running bootstrap (not applicable to released versions or cvs snapshots) |
Last updated 12 Dec 2004
Stephen Marquard
Email: scm@marquard.net
JID: scm@jabberafrica.org