head	1.6;
access;
symbols
	pkgsrc-2019Q2:1.5.0.96
	pkgsrc-2019Q2-base:1.5
	pkgsrc-2019Q1:1.5.0.94
	pkgsrc-2019Q1-base:1.5
	pkgsrc-2018Q4:1.5.0.92
	pkgsrc-2018Q4-base:1.5
	pkgsrc-2018Q3:1.5.0.90
	pkgsrc-2018Q3-base:1.5
	pkgsrc-2018Q2:1.5.0.88
	pkgsrc-2018Q2-base:1.5
	pkgsrc-2018Q1:1.5.0.86
	pkgsrc-2018Q1-base:1.5
	pkgsrc-2017Q4:1.5.0.84
	pkgsrc-2017Q4-base:1.5
	pkgsrc-2017Q3:1.5.0.82
	pkgsrc-2017Q3-base:1.5
	pkgsrc-2017Q2:1.5.0.78
	pkgsrc-2017Q2-base:1.5
	pkgsrc-2017Q1:1.5.0.76
	pkgsrc-2017Q1-base:1.5
	pkgsrc-2016Q4:1.5.0.74
	pkgsrc-2016Q4-base:1.5
	pkgsrc-2016Q3:1.5.0.72
	pkgsrc-2016Q3-base:1.5
	pkgsrc-2016Q2:1.5.0.70
	pkgsrc-2016Q2-base:1.5
	pkgsrc-2016Q1:1.5.0.68
	pkgsrc-2016Q1-base:1.5
	pkgsrc-2015Q4:1.5.0.66
	pkgsrc-2015Q4-base:1.5
	pkgsrc-2015Q3:1.5.0.64
	pkgsrc-2015Q3-base:1.5
	pkgsrc-2015Q2:1.5.0.62
	pkgsrc-2015Q2-base:1.5
	pkgsrc-2015Q1:1.5.0.60
	pkgsrc-2015Q1-base:1.5
	pkgsrc-2014Q4:1.5.0.58
	pkgsrc-2014Q4-base:1.5
	pkgsrc-2014Q3:1.5.0.56
	pkgsrc-2014Q3-base:1.5
	pkgsrc-2014Q2:1.5.0.54
	pkgsrc-2014Q2-base:1.5
	pkgsrc-2014Q1:1.5.0.52
	pkgsrc-2014Q1-base:1.5
	pkgsrc-2013Q4:1.5.0.50
	pkgsrc-2013Q4-base:1.5
	pkgsrc-2013Q3:1.5.0.48
	pkgsrc-2013Q3-base:1.5
	pkgsrc-2013Q2:1.5.0.46
	pkgsrc-2013Q2-base:1.5
	pkgsrc-2013Q1:1.5.0.44
	pkgsrc-2013Q1-base:1.5
	pkgsrc-2012Q4:1.5.0.42
	pkgsrc-2012Q4-base:1.5
	pkgsrc-2012Q3:1.5.0.40
	pkgsrc-2012Q3-base:1.5
	pkgsrc-2012Q2:1.5.0.38
	pkgsrc-2012Q2-base:1.5
	pkgsrc-2012Q1:1.5.0.36
	pkgsrc-2012Q1-base:1.5
	pkgsrc-2011Q4:1.5.0.34
	pkgsrc-2011Q4-base:1.5
	pkgsrc-2011Q3:1.5.0.32
	pkgsrc-2011Q3-base:1.5
	pkgsrc-2011Q2:1.5.0.30
	pkgsrc-2011Q2-base:1.5
	pkgsrc-2011Q1:1.5.0.28
	pkgsrc-2011Q1-base:1.5
	pkgsrc-2010Q4:1.5.0.26
	pkgsrc-2010Q4-base:1.5
	pkgsrc-2010Q3:1.5.0.24
	pkgsrc-2010Q3-base:1.5
	pkgsrc-2010Q2:1.5.0.22
	pkgsrc-2010Q2-base:1.5
	pkgsrc-2010Q1:1.5.0.20
	pkgsrc-2010Q1-base:1.5
	pkgsrc-2009Q4:1.5.0.18
	pkgsrc-2009Q4-base:1.5
	pkgsrc-2009Q3:1.5.0.16
	pkgsrc-2009Q3-base:1.5
	pkgsrc-2009Q2:1.5.0.14
	pkgsrc-2009Q2-base:1.5
	pkgsrc-2009Q1:1.5.0.12
	pkgsrc-2009Q1-base:1.5
	pkgsrc-2008Q4:1.5.0.10
	pkgsrc-2008Q4-base:1.5
	pkgsrc-2008Q3:1.5.0.8
	pkgsrc-2008Q3-base:1.5
	cube-native-xorg:1.5.0.6
	cube-native-xorg-base:1.5
	pkgsrc-2008Q2:1.5.0.4
	pkgsrc-2008Q2-base:1.5
	cwrapper:1.5.0.2
	pkgsrc-2008Q1:1.4.0.4
	pkgsrc-2008Q1-base:1.4
	pkgsrc-2007Q4:1.4.0.2
	pkgsrc-2007Q4-base:1.4
	pkgsrc-2007Q3:1.3.0.2
	pkgsrc-2007Q3-base:1.3
	pkgsrc-2007Q2:1.2.0.12
	pkgsrc-2007Q2-base:1.2
	pkgsrc-2007Q1:1.2.0.10
	pkgsrc-2007Q1-base:1.2
	pkgsrc-2006Q4:1.2.0.8
	pkgsrc-2006Q4-base:1.2
	pkgsrc-2006Q3:1.2.0.6
	pkgsrc-2006Q3-base:1.2
	pkgsrc-2006Q2:1.2.0.4
	pkgsrc-2006Q2-base:1.2
	pkgsrc-2006Q1:1.2.0.2
	pkgsrc-2006Q1-base:1.2
	pkgsrc-2005Q4:1.1.0.2
	pkgsrc-2005Q4-base:1.1;
locks; strict;
comment	@# @;


1.6
date	2019.07.05.09.14.50;	author nia;	state dead;
branches;
next	1.5;
commitid	NSZnNF8O6r0hPPtB;

1.5
date	2008.05.11.04.12.34;	author tonnerre;	state Exp;
branches;
next	1.4;

1.4
date	2007.12.22.22.34.24;	author jdolecek;	state dead;
branches
	1.4.4.1;
next	1.3;

1.3
date	2007.09.29.12.51.17;	author rillig;	state Exp;
branches;
next	1.2;

1.2
date	2006.03.11.16.44.44;	author yyamano;	state Exp;
branches;
next	1.1;

1.1
date	2005.12.19.19.38.55;	author joerg;	state Exp;
branches;
next	;

1.4.4.1
date	2008.05.12.10.47.37;	author rtr;	state Exp;
branches;
next	;


desc
@@


1.6
log
@Remove licq packages.

licq has not been able to connect to ICQ servers since 28th December 2018,
while upstream discontinued development in 2014 and has no plans to start
over.

Also, these packages have not been updated since 2007, so I doubt anyone
has used this in a long time.

https://github.com/licq-im/licq/issues/53
@
text
@$NetBSD: patch-ac,v 1.5 2008/05/11 04:12:34 tonnerre Exp $

--- src/icqd-threads.cpp.orig	2007-09-28 22:11:35.000000000 +0200
+++ src/icqd-threads.cpp
@@@@ -23,6 +23,7 @@@@
 // Localization
 #include "gettext.h"
 
+#define MAX_CONNECTS  256
 #define DEBUG_THREADS(x)
 //#define DEBUG_THREADS(x) gLog.Info(x)
 
@@@@ -780,8 +781,21 @@@@ void *MonitorSockets_tep(void *p)
               TCPSocket *newSocket = new TCPSocket(0);
               tcp->RecvConnection(*newSocket);
               gSocketManager.DropSocket(tcp);
-              gSocketManager.AddSocket(newSocket);
-              gSocketManager.DropSocket(newSocket);
+
+	      // Make sure we can handle another socket before accepting it
+	      if (gSocketManager.Num() > MAX_CONNECTS)
+	      {
+		// Too many sockets, drop this one
+		char remoteIp[32];
+		gLog.Warn(tr("%sToo many connected sockets, rejecting connection from %s.\n"),
+			L_WARNxSTR, newSocket->RemoteIpStr(remoteIp));
+		delete newSocket;
+	      }
+	      else
+	      {
+                gSocketManager.AddSocket(newSocket);
+                gSocketManager.DropSocket(newSocket);
+	      }
             }
           }
 
@


1.5
log
@Fix multiple connection handling Denial of Service vulnerability in licq
(CVE-2008-1996). Before this, the application would crash if too many TCP
connections are opened.
@
text
@d1 1
a1 1
$NetBSD$
@


1.4
log
@Update licq-{core,gui-console,gui-qt} to 1.3.5.

New in 1.3.4
o Fix a few bugs where users would falsely go offline
o Make sending typing notifications optional
o Fixes for newly registered users
o Fix the handling of pidfiles so that Licq always starts unless there actually
is an other instance of Licq running.
o 64-bit compatibility changes
o Compilation fixes
o Fixes for Licq on Mac OS X (with Fink)
o Iconv fixes
o ICQ: Fix a bug where contacts would receive empty messages
o ICQ: Update the protocol to properly set info
o ICQ: Show more version information of remote clients
o ICQ: Fix SSL issue
o MSN: Fix a race error in MSN packet parsing
o MSN: Fix socket handling
o KDE: Addressbook fix
o KDE: Add spell checking to the kde-gui (Using KSpell)
o Qt/KDE: Show user's pictures as a tooltip or status icon
o Qt/KDE: Optional "Send with Enter"
o Qt/KDE: Improve hyperlink detection
o Qt/KDE: Improve emoticon detection and processing
o Qt/KDE: Add a custom message box handler
o Qt/KDE: New KDE iconset to better integrate with the KDE desktop
Many various minor bugs and crashes fixed... See http://tinyurl.com/ygdrfo for d
etails.

Build and basic startup done on NetBSD 4.0 and Mac OS X 10.5
@
text
@d1 1
a1 1
$NetBSD: patch-ac,v 1.3 2007/09/29 12:51:17 rillig Exp $
d3 33
a35 13
--- src/user.cpp.orig	2003-03-06 23:29:19.000000000 +0100
+++ src/user.cpp	2007-09-29 14:48:00.000000000 +0200
@@@@ -2544,7 +2544,11 @@@@ ICQOwner::ICQOwner()
   m_fConf.ReadBool("HideIP", m_bHideIp, false);
   m_fConf.ReadNum("RCG", m_nRandomChatGroup, ICQ_RANDOMxCHATxGROUP_NONE);
   m_fConf.ReadStr("AutoResponse", szTemp, "");
+#if defined(__DragonFly__) || defined(__APPLE__) || defined(__NetBSD__)
+  { unsigned long tmp; m_fConf.ReadNum("SSTime", tmp, 0L); m_nSSTime = tmp; }
+#else
   m_fConf.ReadNum("SSTime", (unsigned long)m_nSSTime, 0L);
+#endif
   m_fConf.ReadNum("SSCount", m_nSSCount, 0);
   SetAutoResponse(szTemp);
@


1.4.4.1
log
@pullup ticket #2372 - requested by tonnerre
licq-core: fix for DoS vulnerability

revisions pulled up:
- pkgsrc/chat/licq-core/Makefile		1.11
- pkgsrc/chat/licq-core/distinfo		1.13
- pkgsrc/chat/licq-core/patches/patch-aa	1.2
- pkgsrc/chat/licq-core/patches/patch-ab	1.3
- pkgsrc/chat/licq-core/patches/patch-ac	1.3
- pkgsrc/chat/licq-core/patches/patch-ag	1.5

   Module Name:	pkgsrc
   Committed By:	tonnerre
   Date:		Sun May 11 04:12:34 UTC 2008

   Modified Files:
   	pkgsrc/chat/licq-core: Makefile distinfo
   	pkgsrc/chat/licq-core/patches: patch-aa
   Added Files:
   	pkgsrc/chat/licq-core/patches: patch-ab patch-ac patch-ag

   Log Message:
   Fix multiple connection handling Denial of Service vulnerability in licq
   (CVE-2008-1996). Before this, the application would crash if too many
   TCP connections are opened.
@
text
@d1 1
a1 1
$NetBSD: patch-ac,v 1.5 2008/05/11 04:12:34 tonnerre Exp $
d3 13
a15 33
--- src/icqd-threads.cpp.orig	2007-09-28 22:11:35.000000000 +0200
+++ src/icqd-threads.cpp
@@@@ -23,6 +23,7 @@@@
 // Localization
 #include "gettext.h"
 
+#define MAX_CONNECTS  256
 #define DEBUG_THREADS(x)
 //#define DEBUG_THREADS(x) gLog.Info(x)
 
@@@@ -780,8 +781,21 @@@@ void *MonitorSockets_tep(void *p)
               TCPSocket *newSocket = new TCPSocket(0);
               tcp->RecvConnection(*newSocket);
               gSocketManager.DropSocket(tcp);
-              gSocketManager.AddSocket(newSocket);
-              gSocketManager.DropSocket(newSocket);
+
+	      // Make sure we can handle another socket before accepting it
+	      if (gSocketManager.Num() > MAX_CONNECTS)
+	      {
+		// Too many sockets, drop this one
+		char remoteIp[32];
+		gLog.Warn(tr("%sToo many connected sockets, rejecting connection from %s.\n"),
+			L_WARNxSTR, newSocket->RemoteIpStr(remoteIp));
+		delete newSocket;
+	      }
+	      else
+	      {
+                gSocketManager.AddSocket(newSocket);
+                gSocketManager.DropSocket(newSocket);
+	      }
             }
           }
@


1.3
log
@Fixed build errors on NetBSD 4.99.
@
text
@d1 1
a1 1
$NetBSD: patch-ac,v 1.2 2006/03/11 16:44:44 yyamano Exp $
@


1.2
log
@Make this build on Darwin.
@
text
@d1 1
a1 1
$NetBSD: patch-ac,v 1.1 2005/12/19 19:38:55 joerg Exp $
d3 2
a4 2
--- src/user.cpp.orig	2003-03-07 07:29:19.000000000 +0900
+++ src/user.cpp
d9 1
a9 1
+#if defined(__DragonFly__) || defined(__APPLE__)
@


1.1
log
@Avoid lvalue cast for GCC 3.4. Add DragonFly support.
@
text
@d1 1
a1 1
$NetBSD$
d3 1
a3 1
--- src/user.cpp.orig	2005-12-19 18:37:05.000000000 +0000
d9 1
a9 1
+#if defined(__DragonFly__)
@