From 31f09f54a6503c240af512da88028276ee36a960 Mon Sep 17 00:00:00 2001
From: gonzalo <gonzalo@openbsd.org>
Date: Sat, 1 Sep 2012 17:35:54 +0000
Subject: [PATCH] Update for Icecast to 2.3.3:

* Improved HTTPS cipher handling and added support for chained certificates.
* Allow the source password to be undefined. There was a corner case,
  where a default password would have taken effect. It would require the
  admin to remove the 'source-password' from the icecast config to take
  effect. Default configs ship with the password set, so this
  vulnerability doesn't trigger there.
* Prevent error log injection of control characters by substituting
  non-alphanumeric characters with a '.' (CVE-2011-4612). Injection
  attempts can be identified via access.log, as that stores URL encoded
  requests. Investigation if further logging code needs to have
  sanitized output is ongoing.

Tested on amd64.

Reads fine aja@
---
 net/icecast/Makefile                           |  5 ++---
 net/icecast/distinfo                           |  7 ++-----
 net/icecast/patches/patch-Makefile_in          |  8 ++++----
 net/icecast/patches/patch-admin_Makefile_in    | 18 +++++++++---------
 net/icecast/patches/patch-conf_Makefile_in     | 16 ++++------------
 .../patches/patch-conf_icecast_minimal_xml_in  | 10 +++++-----
 net/icecast/patches/patch-conf_icecast_xml_in  | 10 +++++-----
 net/icecast/patches/patch-configure            | 10 +++++-----
 net/icecast/patches/patch-doc_Makefile_in      |  8 ++++----
 net/icecast/patches/patch-web_Makefile_in      | 18 +++++++++---------
 net/icecast/pkg/PLIST                          |  6 +++++-
 11 files changed, 54 insertions(+), 62 deletions(-)

diff --git a/net/icecast/Makefile b/net/icecast/Makefile
index 925ca0d998d..dc8ba672e0c 100644
--- a/net/icecast/Makefile
+++ b/net/icecast/Makefile
@@ -1,9 +1,8 @@
-# $OpenBSD: Makefile,v 1.49 2012/04/28 10:52:08 ajacoutot Exp $
+# $OpenBSD: Makefile,v 1.50 2012/09/01 17:35:54 gonzalo Exp $
 
 COMMENT=	server for streaming various media formats
 
-DISTNAME=	icecast-2.3.2
-REVISION=	8
+DISTNAME=	icecast-2.3.3
 CATEGORIES=	net audio
 
 HOMEPAGE=	http://www.icecast.org/
diff --git a/net/icecast/distinfo b/net/icecast/distinfo
index 8d647113d47..104a704ddf6 100644
--- a/net/icecast/distinfo
+++ b/net/icecast/distinfo
@@ -1,5 +1,2 @@
-MD5 (icecast-2.3.2.tar.gz) = /1FrPM0rzDHmj0YM0xYJPw==
-RMD160 (icecast-2.3.2.tar.gz) = 7BRVPM5lL7gIIzFslwX0y2F5zCo=
-SHA1 (icecast-2.3.2.tar.gz) = pSsTUFVIwu/yxkqrlaQtyv2hEic=
-SHA256 (icecast-2.3.2.tar.gz) = R0Kzj8VbY3OJWnwKNbrtSahI/smfXoU44/AVc4PQs/A=
-SIZE (icecast-2.3.2.tar.gz) = 1152319
+SHA256 (icecast-2.3.3.tar.gz) = Gx0G9fg8mpg80ozHiqkOQDj5M1EbPSDX/Sz8EWZFw20=
+SIZE (icecast-2.3.3.tar.gz) = 1161774
diff --git a/net/icecast/patches/patch-Makefile_in b/net/icecast/patches/patch-Makefile_in
index ed36a371aca..3b20e169e4a 100644
--- a/net/icecast/patches/patch-Makefile_in
+++ b/net/icecast/patches/patch-Makefile_in
@@ -1,7 +1,7 @@
-$OpenBSD: patch-Makefile_in,v 1.4 2008/11/18 21:22:02 pea Exp $
---- Makefile.in.orig	Fri May 30 01:58:59 2008
-+++ Makefile.in	Fri Nov  7 10:39:29 2008
-@@ -242,7 +242,7 @@ EXTRA_DIST = HACKING m4/acx_pthread.m4 m4/ogg.m4 \
+$OpenBSD: patch-Makefile_in,v 1.5 2012/09/01 17:35:54 gonzalo Exp $
+--- Makefile.in.orig	Mon Jun 11 14:03:15 2012
++++ Makefile.in	Mon Aug 13 13:31:38 2012
+@@ -324,7 +324,7 @@ EXTRA_DIST = HACKING m4/acx_pthread.m4 m4/ogg.m4 \
      m4/xiph_compiler.m4 m4/xiph_curl.m4 m4/xiph_net.m4 \
      m4/xiph_types.m4 m4/xiph_xml2.m4 icecast.spec
  
diff --git a/net/icecast/patches/patch-admin_Makefile_in b/net/icecast/patches/patch-admin_Makefile_in
index 0c2e7bd51cd..de32b5a32a8 100644
--- a/net/icecast/patches/patch-admin_Makefile_in
+++ b/net/icecast/patches/patch-admin_Makefile_in
@@ -1,12 +1,12 @@
-$OpenBSD: patch-admin_Makefile_in,v 1.2 2008/11/18 21:22:02 pea Exp $
---- admin/Makefile.in.orig	Fri May 30 01:58:57 2008
-+++ admin/Makefile.in	Fri Nov  7 10:40:00 2008
-@@ -15,7 +15,7 @@
- @SET_MAKE@
- 
- VPATH = @srcdir@
+$OpenBSD: patch-admin_Makefile_in,v 1.3 2012/09/01 17:35:54 gonzalo Exp $
+--- admin/Makefile.in.orig	Mon Jun 11 14:03:11 2012
++++ admin/Makefile.in	Mon Aug 13 13:34:51 2012
+@@ -33,7 +33,7 @@ am__make_dryrun = \
+     esac; \
+     test $$am__dry = yes; \
+   }
 -pkgdatadir = $(datadir)/@PACKAGE@
 +pkgdatadir = $(datadir)/examples/@PACKAGE@
- pkglibdir = $(libdir)/@PACKAGE@
  pkgincludedir = $(includedir)/@PACKAGE@
- am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+ pkglibdir = $(libdir)/@PACKAGE@
+ pkglibexecdir = $(libexecdir)/@PACKAGE@
diff --git a/net/icecast/patches/patch-conf_Makefile_in b/net/icecast/patches/patch-conf_Makefile_in
index 875059c2f5e..ab859e78d7f 100644
--- a/net/icecast/patches/patch-conf_Makefile_in
+++ b/net/icecast/patches/patch-conf_Makefile_in
@@ -1,7 +1,7 @@
-$OpenBSD: patch-conf_Makefile_in,v 1.4 2008/11/18 21:22:02 pea Exp $
---- conf/Makefile.in.orig	Fri May 30 01:58:57 2008
-+++ conf/Makefile.in	Fri Nov  7 10:40:48 2008
-@@ -176,7 +176,7 @@ build_vendor = @build_vendor@
+$OpenBSD: patch-conf_Makefile_in,v 1.5 2012/09/01 17:35:54 gonzalo Exp $
+--- conf/Makefile.in.orig	Mon Jun 11 14:03:11 2012
++++ conf/Makefile.in	Mon Aug 13 13:31:38 2012
+@@ -226,7 +226,7 @@ build_vendor = @build_vendor@
  builddir = @builddir@
  datadir = @datadir@
  datarootdir = @datarootdir@
@@ -10,11 +10,3 @@ $OpenBSD: patch-conf_Makefile_in,v 1.4 2008/11/18 21:22:02 pea Exp $
  dvidir = @dvidir@
  exec_prefix = @exec_prefix@
  host = @host@
-@@ -354,7 +354,6 @@ info-am:
- 
- install-data-am: install-docDATA
- 	@$(NORMAL_INSTALL)
--	$(MAKE) $(AM_MAKEFLAGS) install-data-hook
- 
- install-dvi: install-dvi-am
- 
diff --git a/net/icecast/patches/patch-conf_icecast_minimal_xml_in b/net/icecast/patches/patch-conf_icecast_minimal_xml_in
index e2d2eae302e..89eaa07f20b 100644
--- a/net/icecast/patches/patch-conf_icecast_minimal_xml_in
+++ b/net/icecast/patches/patch-conf_icecast_minimal_xml_in
@@ -1,6 +1,6 @@
-$OpenBSD: patch-conf_icecast_minimal_xml_in,v 1.1 2008/11/18 21:22:02 pea Exp $
---- conf/icecast_minimal.xml.in.orig	Mon Jul  4 00:11:52 2005
-+++ conf/icecast_minimal.xml.in	Fri Nov  7 13:38:36 2008
+$OpenBSD: patch-conf_icecast_minimal_xml_in,v 1.2 2012/09/01 17:35:54 gonzalo Exp $
+--- conf/icecast_minimal.xml.in.orig	Mon Jun 11 13:45:19 2012
++++ conf/icecast_minimal.xml.in	Fri Aug 31 11:26:58 2012
 @@ -22,9 +22,10 @@
      </listen-socket>
      <fileserve>1</fileserve>
@@ -8,11 +8,11 @@ $OpenBSD: patch-conf_icecast_minimal_xml_in,v 1.1 2008/11/18 21:22:02 pea Exp $
 -        <logdir>@localstatedir@/log/@PACKAGE@</logdir>
 -        <webroot>@pkgdatadir@/web</webroot>
 -        <adminroot>@pkgdatadir@/admin</adminroot>
-+	<basedir>/var/icecast</basedir>
++        <basedir>/var/icecast</basedir>
 +        <logdir>/log</logdir>
 +        <webroot>/web</webroot>
 +        <adminroot>/admin</adminroot>
-         <alias source="/" dest="/status.xsl"/>
+         <alias source="/" destination="/status.xsl"/>
      </paths>
      <logging>
 @@ -32,4 +33,11 @@
diff --git a/net/icecast/patches/patch-conf_icecast_xml_in b/net/icecast/patches/patch-conf_icecast_xml_in
index 7e917636012..3189e200804 100644
--- a/net/icecast/patches/patch-conf_icecast_xml_in
+++ b/net/icecast/patches/patch-conf_icecast_xml_in
@@ -1,7 +1,7 @@
-$OpenBSD: patch-conf_icecast_xml_in,v 1.5 2008/11/18 21:22:02 pea Exp $
---- conf/icecast.xml.in.orig	Fri Apr  4 17:14:10 2008
-+++ conf/icecast.xml.in	Fri Nov  7 13:38:41 2008
-@@ -125,14 +125,14 @@
+$OpenBSD: patch-conf_icecast_xml_in,v 1.6 2012/09/01 17:35:54 gonzalo Exp $
+--- conf/icecast.xml.in.orig	Mon Jun 11 13:45:19 2012
++++ conf/icecast.xml.in	Mon Aug 13 13:31:38 2012
+@@ -131,14 +131,14 @@
  
      <paths>
  		<!-- basedir is only used if chroot is enabled -->
@@ -21,7 +21,7 @@ $OpenBSD: patch-conf_icecast_xml_in,v 1.5 2008/11/18 21:22:02 pea Exp $
  
          <!-- Aliases: treat requests for 'source' path as being for 'dest' path
               May be made specific to a port or bound address using the "port"
-@@ -163,12 +163,10 @@
+@@ -169,12 +169,10 @@
      </logging>
  
      <security>
diff --git a/net/icecast/patches/patch-configure b/net/icecast/patches/patch-configure
index 0ac8f4c915a..0ce18d37866 100644
--- a/net/icecast/patches/patch-configure
+++ b/net/icecast/patches/patch-configure
@@ -1,7 +1,7 @@
-$OpenBSD: patch-configure,v 1.9 2008/11/18 21:22:02 pea Exp $
---- configure.orig	Fri Nov  7 11:02:00 2008
-+++ configure	Fri Nov  7 11:02:31 2008
-@@ -24495,7 +24495,7 @@ fi
+$OpenBSD: patch-configure,v 1.10 2012/09/01 17:35:54 gonzalo Exp $
+--- configure.orig	Mon Jun 11 14:03:18 2012
++++ configure	Mon Aug 13 13:31:38 2012
+@@ -13910,7 +13910,7 @@ fi
  
  
  if test "x$openssl_prefix" != "x" -a "x$openssl_prefix" != "xyes"; then
@@ -10,7 +10,7 @@ $OpenBSD: patch-configure,v 1.9 2008/11/18 21:22:02 pea Exp $
      OPENSSL_CFLAGS="-I$openssl_prefix/include"
  else
      # Extract the first word of "pkg-config", so it can be a program name with args.
-@@ -24548,7 +24548,7 @@ fi
+@@ -13963,7 +13963,7 @@ fi
          else
              openssl_prefix="$prefix"
          fi
diff --git a/net/icecast/patches/patch-doc_Makefile_in b/net/icecast/patches/patch-doc_Makefile_in
index 78a58a83db8..14723bf6da9 100644
--- a/net/icecast/patches/patch-doc_Makefile_in
+++ b/net/icecast/patches/patch-doc_Makefile_in
@@ -1,7 +1,7 @@
-$OpenBSD: patch-doc_Makefile_in,v 1.4 2008/11/18 21:22:03 pea Exp $
---- doc/Makefile.in.orig	Fri May 30 01:58:57 2008
-+++ doc/Makefile.in	Fri Nov  7 10:44:18 2008
-@@ -176,7 +176,7 @@ build_vendor = @build_vendor@
+$OpenBSD: patch-doc_Makefile_in,v 1.5 2012/09/01 17:35:54 gonzalo Exp $
+--- doc/Makefile.in.orig	Mon Jun 11 14:03:12 2012
++++ doc/Makefile.in	Mon Aug 13 13:31:38 2012
+@@ -226,7 +226,7 @@ build_vendor = @build_vendor@
  builddir = @builddir@
  datadir = @datadir@
  datarootdir = @datarootdir@
diff --git a/net/icecast/patches/patch-web_Makefile_in b/net/icecast/patches/patch-web_Makefile_in
index b51a03392b9..76cb557f616 100644
--- a/net/icecast/patches/patch-web_Makefile_in
+++ b/net/icecast/patches/patch-web_Makefile_in
@@ -1,12 +1,12 @@
-$OpenBSD: patch-web_Makefile_in,v 1.2 2008/11/18 21:22:03 pea Exp $
---- web/Makefile.in.orig	Fri May 30 01:58:59 2008
-+++ web/Makefile.in	Fri Nov  7 10:42:57 2008
-@@ -15,7 +15,7 @@
- @SET_MAKE@
- 
- VPATH = @srcdir@
+$OpenBSD: patch-web_Makefile_in,v 1.3 2012/09/01 17:35:54 gonzalo Exp $
+--- web/Makefile.in.orig	Mon Jun 11 14:03:14 2012
++++ web/Makefile.in	Mon Aug 13 13:35:19 2012
+@@ -33,7 +33,7 @@ am__make_dryrun = \
+     esac; \
+     test $$am__dry = yes; \
+   }
 -pkgdatadir = $(datadir)/@PACKAGE@
 +pkgdatadir = $(datadir)/examples/@PACKAGE@
- pkglibdir = $(libdir)/@PACKAGE@
  pkgincludedir = $(includedir)/@PACKAGE@
- am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+ pkglibdir = $(libdir)/@PACKAGE@
+ pkglibexecdir = $(libexecdir)/@PACKAGE@
diff --git a/net/icecast/pkg/PLIST b/net/icecast/pkg/PLIST
index 8af6db3df1b..517fbbce43d 100644
--- a/net/icecast/pkg/PLIST
+++ b/net/icecast/pkg/PLIST
@@ -1,4 +1,4 @@
-@comment $OpenBSD: PLIST,v 1.10 2010/11/11 10:32:54 edd Exp $
+@comment $OpenBSD: PLIST,v 1.11 2012/09/01 17:35:54 gonzalo Exp $
 @newgroup _icecast:611
 @newuser _icecast:611:_icecast:daemon:Icecast Server:/var/empty:/sbin/nologin
 @bin bin/icecast
@@ -44,6 +44,10 @@ share/examples/icecast/admin/stats.xsl
 @sample /var/icecast/admin/stats.xsl
 share/examples/icecast/admin/updatemetadata.xsl
 @sample /var/icecast/admin/updatemetadata.xsl
+share/examples/icecast/admin/vclt.xsl
+@sample /var/icecast/admin/vclt.xsl
+share/examples/icecast/admin/xspf.xsl
+@sample /var/icecast/admin/xspf.xsl
 @mode 600
 share/examples/icecast/icecast.xml.dist
 @sample /var/icecast/icecast.xml