Accepting request 1003277 from GNOME:Apps

GNOME 43.rc - let's get this into Staging to see what we break (e.g meson:test seems to be an issue already) (forwarded request 1002595 from dimstar) OBS-URL: https://build.opensuse.org/request/show/1003277 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/librest?expand=0&rev=29
8 months ago · a3dac0ead7
parent 486f9170e2 682833000c
commit a3dac0ead7
4 changed files with 127 additions and 2 deletions
--- a/0001-rest_proxy_call_sync-bail-out-if-no-payload.patch
+++ b/0001-rest_proxy_call_sync-bail-out-if-no-payload.patch
@ -0,0 +1,40 @@
+From fbad64abe28a96f591a30e3a5d3189c10172a414 Mon Sep 17 00:00:00 2001
+From: Adam Williamson <awilliam@redhat.com>
+Date: Tue, 30 Aug 2022 10:03:57 -0700
+Subject: [PATCH 1/2] rest_proxy_call_sync: bail out if no payload
+
+goa-daemon is crashing on suspend/resume with a traceback that
+points here: it calls rest_proxy_call_sync, that calls
+_rest_proxy_send_message, assumes it gets a `payload` back,
+and calls `finish_call` with it. However, it's not actually
+guaranteed that `_rest_proxy_send_message` will return a payload
+(a `GBytes`). There are three ways it can return `NULL` instead:
+if it's passed a wrong proxy or message, or - when built against
+libsoup3 - if there is an error sending the message (it passes
+through the return value of `soup_session_send_and_read`, and
+that's documented to be `NULL` on error).
+
+If `payload` comes back `NULL`, let's just return `FALSE`, like
+we do if there's a problem with the call or message.
+
+Signed-off-by: Adam Williamson <awilliam@redhat.com>
+---
+ rest/rest-proxy-call.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/rest/rest-proxy-call.c b/rest/rest-proxy-call.c
+index 851b397..07b8b49 100644
+--- a/rest/rest-proxy-call.c
+++ b/rest/rest-proxy-call.c
+@@ -1428,6 +1428,8 @@ rest_proxy_call_sync (RestProxyCall *call,
+     return FALSE;
+ 
+   payload = _rest_proxy_send_message (priv->proxy, message, priv->cancellable, error_out);
+  if (!payload)
+    return FALSE;
+ 
+   ret = finish_call (call, message, payload, error_out);
+ 
+-- 
+2.37.1
+
--- a/0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch
+++ b/0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch
@ -0,0 +1,52 @@
+From 49c2d0ac00b959ce53cc00ca4e7758c21085722f Mon Sep 17 00:00:00 2001
+From: Adam Williamson <awilliam@redhat.com>
+Date: Tue, 30 Aug 2022 10:59:01 -0700
+Subject: [PATCH 2/2] Handle some potential problems in parsing oauth2 access
+ tokens
+
+It's possible for `_rest_proxy_send_message` to return `NULL`,
+which would mean the `payload` here would be `NULL`. If so,
+we're not going to be able to do anything, so we should just
+bail out.
+
+It's also possible for `json_parser_load_from_data` to return
+`FALSE` without setting an error. The most obvious way would be
+if `data` was `NULL`, which the bailout avoids, but it could
+also happen if we pass an invalid parser somehow. Let's just
+handle that too, to be safe.
+
+Signed-off-by: Adam Williamson <awilliam@redhat.com>
+---
+ rest/rest-oauth2-proxy.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/rest/rest-oauth2-proxy.c b/rest/rest-oauth2-proxy.c
+index 9511f97..a715b2b 100644
+--- a/rest/rest-oauth2-proxy.c
+++ b/rest/rest-oauth2-proxy.c
+@@ -68,18 +68,21 @@ rest_oauth2_proxy_parse_access_token (RestOAuth2Proxy *self,
+   gsize size;
+   gint expires_in;
+   gint created_at;
+  gboolean ret;
+ 
+   g_return_if_fail (REST_IS_OAUTH2_PROXY (self));
+  g_return_if_fail (payload);
+ 
+   data = g_bytes_get_data (payload, &size);
+ 
+   parser = json_parser_new ();
+-  json_parser_load_from_data (parser, data, size, &error);
+  ret = json_parser_load_from_data (parser, data, size, &error);
+   if (error != NULL)
+     {
+       g_task_return_error (task, error);
+       return;
+     }
+  g_return_if_fail (ret);
+ 
+   root = json_parser_get_root (parser);
+   root_object = json_node_get_object (root);
+-- 
+2.37.1
+
--- a/librest.changes
+++ b/librest.changes
@ -1,3 +1,23 @@
+-------------------------------------------------------------------
+Sun Sep 11 12:25:12 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>
+
+- Add patches to fix some minor issues that upstream have solved in
+  a different way in git, but this should suffice for now for us:
+  + 0001-rest_proxy_call_sync-bail-out-if-no-payload.patch:
+    rest_proxy_call_sync: bail out if no payload.
+  + 0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch:
+    Handle some potential problems in parsing oauth2 access tokens.
+
+-------------------------------------------------------------------
+Sat Aug 20 23:06:52 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>
+
+- Stop passing soup2=false and tests=false to meson, follow the
+  defaults.
+- Pass vapi=true and add pkgconfig(vapigen) BuildRequires: Build
+  vapi support.
+- Pass ca_certificates=true and
+  ca_certificates_path=%{_sysconfdir}/ssl/ca-bundle.pem to meson.
+
 -------------------------------------------------------------------
 Mon Jun 20 08:13:55 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>

--- a/librest.spec
+++ b/librest.spec
@ -30,6 +30,11 @@ Group:          Development/Libraries/GNOME
 URL:            http://git.gnome.org/browse/librest/
 Source0:        http://download.gnome.org/sources/rest/0.9/%{_name}-%{version}.tar.xz
 Source99:       baselibs.conf
+# PATCH-FIX-UPSTREAM 0001-rest_proxy_call_sync-bail-out-if-no-payload.patch -- rest_proxy_call_sync: bail out if no payload
+Patch0:         0001-rest_proxy_call_sync-bail-out-if-no-payload.patch
+# PATCH-FIX-UPSTREAM 0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch -- Handle some potential problems in parsing oauth2 access tokens
+Patch1:         0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch
+

 BuildRequires:  gtk-doc
 BuildRequires:  meson
@ -40,6 +45,7 @@ BuildRequires:  pkgconfig(gobject-introspection-1.0)
 BuildRequires:  pkgconfig(json-glib-1.0)
 BuildRequires:  pkgconfig(libsoup-3.0)
 BuildRequires:  pkgconfig(libxml-2.0)
+BuildRequires:  pkgconfig(vapigen)

 %description
 This library was designed to make it easier to access web services that
@ -104,9 +110,10 @@ can then be called on.
 #	-D ca_certificates=true \
 #	-D ca_certificates_path=%%{_sysconfdir}/ssl/ca-bundle.pem \
 %meson \
+	-D ca_certificates=true \
+	-D ca_certificates_path=%{_sysconfdir}/ssl/ca-bundle.pem \
 	-D examples=false \
-	-D soup2=false \
-	-D tests=false \
+	-D vapi=true \
 	%{nil}
 %meson_build

@ -135,5 +142,11 @@ can then be called on.
 %{_datadir}/gir-1.0/*.gir
 %{_includedir}/rest-%{abi}/
 %doc %{_datadir}/doc/librest-%{abi}/
+%dir %{_datadir}/vala
+%dir %{_datadir}/vala/vapi
+%{_datadir}/vala/vapi/rest-1.0.deps
+%{_datadir}/vala/vapi/rest-1.0.vapi
+%{_datadir}/vala/vapi/rest-extras-1.0.deps
+%{_datadir}/vala/vapi/rest-extras-1.0.vapi

 %changelog