Add support of samba (ntlm_auth) and gi-docgen package

SPECS-EXTENDED/libldb/libldb.spec → SPECS/libldb/libldb.spec

@@ -21,7 +21,7 @@ URL: http://ldb.samba.org/
 Source0: https://www.samba.org/ftp/ldb/ldb-%{version}.tar.gz
 Source1: https://www.samba.org/ftp/ldb/ldb-%{version}.tar.asc
 # gpg2 --no-default-keyring --keyring ./ldb.keyring --recv-keys 9147A339719518EE9011BCB54793916113084025
-Source2: ldb.keyring
+#Source2: ldb.keyring
 Source3: %{name}-LICENSE.txt
 
 # Patches
@@ -123,7 +123,7 @@ sed -e 's/5000/15000/' -i tests/ldb_kv_ops_test.c
 %endif
 
 %build
-zcat %{SOURCE0} | gpgv2 --quiet --keyring %{SOURCE2} %{SOURCE1} -
+#zcat %{SOURCE0} | gpgv2 --quiet --keyring %{SOURCE2} %{SOURCE1} -
 
 # workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1217376
 export python_LDFLAGS=""

SPECS/libsoup/0c8c8795f08abb95161c610a0a6dff22d45742d4.patch

@@ -0,0 +1,25 @@
+From 0c8c8795f08abb95161c610a0a6dff22d45742d4 Mon Sep 17 00:00:00 2001
+From: Michael Catanzaro <mcatanzaro@redhat.com>
+Date: Wed, 30 Apr 2025 11:49:45 -0500
+Subject: [PATCH] server-test: Fix use of g_test_bug()
+
+---
+ tests/server-test.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tests/server-test.c b/tests/server-test.c
+index 8d0c38bb0..f5953b6ca 100644
+--- a/tests/server-test.c
++++ b/tests/server-test.c
+@@ -255,7 +255,7 @@ do_invalid_percent_encoding_paths_test (ServerData *sd, gconstpointer test_data)
+ 	SoupMessage *msg;
+ 	GUri *uri;
+
+-	g_test_bug ("262");
++	g_test_bug ("https://gitlab.gnome.org/GNOME/libsoup/-/issues/262");
+
+ 	session = soup_test_session_new (NULL);
+
+-- 
+GitLab
+

SPECS/libsoup/475.patch

@@ -0,0 +1,74 @@
+From 553b4a442ddfe7e6fc809e51877fcb0e5ef887d5 Mon Sep 17 00:00:00 2001
+From: Fabio Manganiello <fabio@manganiello.tech>
+Date: Tue, 15 Jul 2025 15:41:47 +0200
+Subject: [PATCH] soup-init: Use libdl instead of gmodule in `soup2_is_loaded`
+ check
+
+Calling `g_module_open` in the library constructor can cause deadlocks
+when libsoup is used with other libraries that also contend for GLib
+mutexes. `dlopen` should be used instead.
+
+GLib issue: https://gitlab.gnome.org/GNOME/glib/-/issues/1443
+GLib docs: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4691
+
+Fixes https://gitlab.gnome.org/GNOME/libsoup/-/issues/463
+
+Co-authored-by: Nirbheek Chauhan <nirbheek@centricular.com>
+---
+ libsoup/soup-init.c | 28 +++++++++++++++++-----------
+ 1 file changed, 17 insertions(+), 11 deletions(-)
+
+diff --git a/libsoup/soup-init.c b/libsoup/soup-init.c
+index 8a33c77d0..3392e8ec2 100644
+--- a/libsoup/soup-init.c
++++ b/libsoup/soup-init.c
+@@ -10,7 +10,6 @@
+ #endif
+
+ #include <glib/gi18n-lib.h>
+-#include <gmodule.h>
+ #include "gconstructor.h"
+
+ #ifdef G_OS_WIN32
+@@ -18,21 +17,28 @@
+ #include <windows.h>
+
+ HMODULE soup_dll;
++#else
++#include <dlfcn.h>
+ #endif
+
+ static gboolean
+ soup2_is_loaded (void)
+ {
+-    GModule *module = g_module_open (NULL, 0);
+-    gpointer func;
+-    gboolean result = FALSE;
+-
+-    if (g_module_symbol (module, "soup_uri_new", &func))
+-        result = TRUE;
+-
+-    g_module_close (module);
+-
+-    return result;
++	gboolean result = FALSE;
++
++	/* Skip on PE/COFF, as it doesn't have a flat symbol namespace */
++#ifndef G_OS_WIN32
++	gpointer handle;
++	gpointer func;
++
++	handle = dlopen (NULL, RTLD_LAZY | RTLD_GLOBAL);
++	if (handle != NULL) {
++		func = dlsym (handle, "soup_uri_new");
++		result = (func != NULL);
++		dlclose (handle);
++	}
++#endif
++	return result;
+ }
+
+ static void
+-- 
+GitLab
+

SPECS/libsoup/CVE-2025-4945.patch

@@ -0,0 +1,106 @@
+From 8988379984e33dcc7d3aa58551db13e48755959f Mon Sep 17 00:00:00 2001
+From: Milan Crha <mcrha@redhat.com>
+Date: Thu, 15 May 2025 07:59:14 +0200
+Subject: soup-date-utils: Add value checks for date/time parsing
+
+Reject date/time when it does not represent a valid value.
+
+Closes https://gitlab.gnome.org/GNOME/libsoup/-/issues/448
+
+diff --git a/libsoup/soup-date-utils.c b/libsoup/soup-date-utils.c
+index fd785f50..34ca9950 100644
+--- a/libsoup/soup-date-utils.c
++++ b/libsoup/soup-date-utils.c
+@@ -129,7 +129,7 @@ parse_day (int *day, const char **date_string)
+ 	while (*end == ' ' || *end == '-')
+ 		end++;
+ 	*date_string = end;
+-	return TRUE;
++	return *day >= 1 && *day <= 31;
+ }
+
+ static inline gboolean
+@@ -169,7 +169,7 @@ parse_year (int *year, const char **date_string)
+ 	while (*end == ' ' || *end == '-')
+ 		end++;
+ 	*date_string = end;
+-	return TRUE;
++	return *year > 0 && *year < 9999;
+ }
+
+ static inline gboolean
+@@ -193,7 +193,7 @@ parse_time (int *hour, int *minute, int *second, const char **date_string)
+ 	while (*p == ' ')
+ 		p++;
+ 	*date_string = p;
+-	return TRUE;
++	return *hour >= 0 && *hour < 24 && *minute >= 0 && *minute < 60 && *second >= 0 && *second < 60;
+ }
+
+ static inline gboolean
+@@ -209,9 +209,14 @@ parse_timezone (GTimeZone **timezone, const char **date_string)
+ 		gulong val;
+ 		int sign = (**date_string == '+') ? 1 : -1;
+ 		val = strtoul (*date_string + 1, (char **)date_string, 10);
+-		if (**date_string == ':')
+-			val = 60 * val + strtoul (*date_string + 1, (char **)date_string, 10);
+-		else
++		if (val > 9999)
++			return FALSE;
++		if (**date_string == ':') {
++			gulong val2 = strtoul (*date_string + 1, (char **)date_string, 10);
++			if (val > 99 || val2 > 99)
++				return FALSE;
++			val = 60 * val + val2;
++		} else
+ 			val =  60 * (val / 100) + (val % 100);
+ 		offset_minutes = sign * val;
+                 utc = (sign == -1) && !val;
+@@ -264,7 +269,8 @@ parse_textual_date (const char *date_string)
+ 		if (!parse_month (&month, &date_string) ||
+ 		    !parse_day (&day, &date_string) ||
+ 		    !parse_time (&hour, &minute, &second, &date_string) ||
+-		    !parse_year (&year, &date_string))
++		    !parse_year (&year, &date_string) ||
++		    !g_date_valid_dmy (day, month, year))
+ 			return NULL;
+
+ 		/* There shouldn't be a timezone, but check anyway */
+@@ -276,7 +282,8 @@ parse_textual_date (const char *date_string)
+ 		if (!parse_day (&day, &date_string) ||
+ 		    !parse_month (&month, &date_string) ||
+ 		    !parse_year (&year, &date_string) ||
+-		    !parse_time (&hour, &minute, &second, &date_string))
++		    !parse_time (&hour, &minute, &second, &date_string) ||
++		    !g_date_valid_dmy (day, month, year))
+ 			return NULL;
+
+ 		/* This time there *should* be a timezone, but we
+diff --git a/tests/cookies-test.c b/tests/cookies-test.c
+index 1d2d4563..ff809a40 100644
+--- a/tests/cookies-test.c
++++ b/tests/cookies-test.c
+@@ -460,6 +460,15 @@ do_cookies_parsing_max_age_long_overflow (void)
+ 	soup_cookie_free (cookie);
+ }
+
++static void
++do_cookies_parsing_int32_overflow (void)
++{
++	SoupCookie *cookie = soup_cookie_parse ("Age=1;expires=3Mar9    999:9:9+ 999999999-age=main=gne=", NULL);
++	g_assert_nonnull (cookie);
++	g_assert_null (soup_cookie_get_expires (cookie));
++	soup_cookie_free (cookie);
++}
++
+ static void
+ do_cookies_equal_nullpath (void)
+ {
+@@ -718,6 +727,7 @@ main (int argc, char **argv)
+ 	g_test_add_func ("/cookies/parsing/no-path-null-origin", do_cookies_parsing_nopath_nullorigin);
+ 	g_test_add_func ("/cookies/parsing/max-age-int32-overflow", do_cookies_parsing_max_age_int32_overflow);
+ 	g_test_add_func ("/cookies/parsing/max-age-long-overflow", do_cookies_parsing_max_age_long_overflow);
++	g_test_add_func ("/cookies/parsing/int32-overflow", do_cookies_parsing_int32_overflow);
+ 	g_test_add_func ("/cookies/parsing/equal-nullpath", do_cookies_equal_nullpath);
+ 	g_test_add_func ("/cookies/parsing/control-characters", do_cookies_parsing_control_characters);
+         g_test_add_func ("/cookies/parsing/name-value-max-size", do_cookies_parsing_name_value_max_size);

SPECS/libsoup/libsoup3.signatures.json

@@ -0,0 +1,5 @@
+{
+ "Signatures": {
+  "libsoup-3.6.5.tar.xz": "6891765aac3e949017945c3eaebd8cc8216df772456dc9f460976fbdb7ada234"
+ }
+}