From bdae15e056b3a7f1f602521fa6b8c6d87db275f0 Mon Sep 17 00:00:00 2001
From: Jiri Slachta <slachta@cesnet.cz>
Date: Wed, 13 May 2015 14:05:36 +0200
Subject: [PATCH] asterisk-13.x: revert to version 13.2.0 with AST-2015-003 fix

Signed-off-by: Jiri Slachta <slachta@cesnet.cz>
---
 net/asterisk-13.x/Makefile                    |  6 +++---
 .../patches/002-undef-res-ninit.patch         |  2 +-
 .../patches/004-ifdef-missing-execinfo.patch  |  2 +-
 .../patches/100-AST-2015-003-13.diff          | 20 +++++++++++++++++++
 4 files changed, 25 insertions(+), 5 deletions(-)
 create mode 100644 net/asterisk-13.x/patches/100-AST-2015-003-13.diff

diff --git a/net/asterisk-13.x/Makefile b/net/asterisk-13.x/Makefile
index 23f333f..36a0d4b 100644
--- a/net/asterisk-13.x/Makefile
+++ b/net/asterisk-13.x/Makefile
@@ -9,12 +9,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=asterisk13
-PKG_VERSION:=13.3.2
-PKG_RELEASE:=2
+PKG_VERSION:=13.2.0
+PKG_RELEASE:=4
 
 PKG_SOURCE:=asterisk-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://downloads.asterisk.org/pub/telephony/asterisk/releases/
-PKG_MD5SUM:=afc8a5b7fc239c7aa5692b563d7e6ed2
+PKG_MD5SUM:=36033a5faa2f0f9ac3bc34b799e823a2
 
 PKG_BUILD_DIR=$(BUILD_DIR)/asterisk-$(PKG_VERSION)
 PKG_BUILD_DEPENDS:=libxml2/host
diff --git a/net/asterisk-13.x/patches/002-undef-res-ninit.patch b/net/asterisk-13.x/patches/002-undef-res-ninit.patch
index e7ed74c..de73db8 100644
--- a/net/asterisk-13.x/patches/002-undef-res-ninit.patch
+++ b/net/asterisk-13.x/patches/002-undef-res-ninit.patch
@@ -1,6 +1,6 @@
 --- a/configure.ac
 +++ b/configure.ac
-@@ -1202,7 +1202,6 @@ AC_LINK_IFELSE(
+@@ -1177,7 +1177,6 @@ AC_LINK_IFELSE(
  			#include <resolv.h>],
  			[int foo = res_ninit(NULL);])],
  	AC_MSG_RESULT(yes)
diff --git a/net/asterisk-13.x/patches/004-ifdef-missing-execinfo.patch b/net/asterisk-13.x/patches/004-ifdef-missing-execinfo.patch
index 204d91d..2cec5c0 100644
--- a/net/asterisk-13.x/patches/004-ifdef-missing-execinfo.patch
+++ b/net/asterisk-13.x/patches/004-ifdef-missing-execinfo.patch
@@ -111,7 +111,7 @@
  #include <time.h>	/* we want to override localtime_r */
  #include <unistd.h>
  #include <string.h>
-@@ -540,13 +542,17 @@ extern void *_ast_mem_backtrace_buffer[_
+@@ -514,13 +516,17 @@ extern void *_ast_mem_backtrace_buffer[_
   * Ok, this sucks. But if we're already out of mem, we don't
   * want the logger to create infinite recursion (and a crash).
   */
diff --git a/net/asterisk-13.x/patches/100-AST-2015-003-13.diff b/net/asterisk-13.x/patches/100-AST-2015-003-13.diff
new file mode 100644
index 0000000..c10a186
--- /dev/null
+++ b/net/asterisk-13.x/patches/100-AST-2015-003-13.diff
@@ -0,0 +1,20 @@
+--- a/main/tcptls.c
++++ b/main/tcptls.c
+@@ -640,9 +640,15 @@
+ 							break;
+ 						}
+ 						str = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name, pos));
+-						ASN1_STRING_to_UTF8(&str2, str);
++						ret = ASN1_STRING_to_UTF8(&str2, str);
++						if (ret < 0) {
++							continue;
++						}
++
+ 						if (str2) {
+-							if (!strcasecmp(tcptls_session->parent->hostname, (char *) str2)) {
++							if (strlen((char *) str2) != ret) {
++								ast_log(LOG_WARNING, "Invalid certificate common name length (contains NULL bytes?)\n");
++							} else if (!strcasecmp(tcptls_session->parent->hostname, (char *) str2)) {
+ 								found = 1;
+ 							}
+ 							ast_debug(3, "SSL Common Name compare s1='%s' s2='%s'\n", tcptls_session->parent->hostname, str2);